The NetBSD Project

CVS log for pkgsrc/mail/libytnef/Makefile.common

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / mail / libytnef

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.2 / (download) - annotate - [select for diffs], Sun Sep 3 08:53:10 2017 UTC (19 months, 2 weeks ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3, pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1, pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-, HEAD
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)

Follow some redirects.

Revision 1.1 / (download) - annotate - [select for diffs], Thu Aug 17 09:49:47 2017 UTC (20 months ago) by nros
Branch: MAIN

Update libytnef to version 1.9.2.

The changes in patch-ytnef.c has been applied upstream.
patch-ytnef.c has now been removed.

Changes from Changelog:

v1.9.2 - February 23, 2017

Thanks to @hannob for finding some Out-of-bound exceptions in memory handline.
* [SECURITY] An invalid memory access (heap overrun) in handling LONG datatypes (CVE-2017-6800)
* [SECURITY] Missing a check for fields of size 0 (CVE-2017-6801)
* [SECURITY] Potential buffer overrun on incoming Compressed RTF Streams (CVE-2017-6802)

This version  & the previous 1.9.1 resolves the following CVEs:
* CVE-2017-6306
* CVE-2017-6305
* CVE-2017-6304
* CVE-2017-6303
* CVE-2017-6302
* CVE-2017-6301
* CVE-2017-6300
* CVE-2017-6299
* CVE-2017-6298

v1.9.1 - Feb 14, 2017
* BugFix for path handling- label both / and \ as invalid characters inattachments
* Remove lots of exit(-1)'s from the code that would crash calling programs
* [SECURITY] Thanks to EricSesterhennX41 for a patch to fix lots of invalid
memory allocation around corrupted files.

v1.9 - January 2, 2017
* Unify libytnef and ytnef tools into a single build & package (Thanks @jmallach)
* Fix applied for CVE-2010-5109
* Various fixes for errors found via Static Analysis (cppcheck)
* Various memory leaks plugged (Thanks @slonik-v-domene)
* Bugfix for a broken "uniqueness" checker
* Lots of formatting & documentation cleanups

Now that the two packages are unified into a single install & build, I've had
to choose a unifier of Version Numbers.  I chose 1.9 .

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>