June 2010 - mingw - Fedora Mailing-Lists

[Bug 595006] New: mingw32-dlfcn-static libdl.a has no index

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: mingw32-dlfcn-static libdl.a has no index https://bugzilla.redhat.com/show_bug.cgi?id=595006 Summary: mingw32-dlfcn-static libdl.a has no index Product: Fedora Version: 12 Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: low Component: mingw32-dlfcn AssignedTo: rjones(a)redhat.com ReportedBy: stebbins(a)jetheaddev.com QAContact: extras-qa(a)fedoraproject.org CC: lfarkas(a)lfarkas.org, berrange(a)redhat.com, rjones(a)redhat.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org Classification: Fedora Description of problem: When attempting to link with libdl.a this error occurs: /usr/i686-pc-mingw32/sys-root/mingw/lib/libdl.a: could not read symbols: Archive has no index; run ranlib to add one Version-Release number of selected component (if applicable): Release : 0.7.r11.fc12 Steps to Reproduce: 1. gcc -static somefile.c -o some.exe -ldl Additional info: running ranlib fixes the problem: # i686-pc-mingw32-ranlib libdl.a -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

13 years, 4 months

1
2
0 / 0

[Bug 508746] New: noarch MinGW debuginfo packages don't get placed in the debuginfo repository

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: noarch MinGW debuginfo packages don't get placed in the debuginfo repository https://bugzilla.redhat.com/show_bug.cgi?id=508746 Summary: noarch MinGW debuginfo packages don't get placed in the debuginfo repository Product: Fedora Version: rawhide Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: low Component: mash AssignedTo: notting(a)redhat.com ReportedBy: erik-fedora(a)vanpienbroek.nl QAContact: extras-qa(a)fedoraproject.org CC: notting(a)redhat.com, jkeating(a)redhat.com, fedora-mingw(a)lists.fedoraproject.org Classification: Fedora This bug was originally reported at the rel-eng trac ( https://fedorahosted.org/rel-eng/ticket/1949 ), but I was asked to report this here: A few days ago we (the Fedora MinGW SIG) started experimenting with generating -debuginfo subpackages for our libraries. For this we've created some custom scripts to strip out debug information to separate files and added some RPM macro's to create -debuginfo subpackages containing these files. This has been discussed at http://lists.fedoraproject.org/pipermail/fedora-mingw/2009-June/001748.html The RPM scripts were added in mingw32-filesystem-52-1.fc12 and some of our regular MinGW packages were rebuild as can be seen at http://koji.fedoraproject.org/koji/buildinfo?buildID=111400 After waiting for the next rawhide push we discovered that the mingw32-glib2-debuginfo subpackage wasn't published in the rawhide-debuginfo repository. We think it's caused by the fact that our mingw32 packages are noarch. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

13 years, 6 months

1
8
0 / 0

[Bug 504782] New: libpng: Interlaced Images Information Disclosure Vulnerability

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: libpng: Interlaced Images Information Disclosure Vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=504782 Summary: libpng: Interlaced Images Information Disclosure Vulnerability Product: Security Response Version: unspecified Platform: All OS/Version: Linux Status: NEW Status Whiteboard: source=gentoo,reported=20090606,public=20090604,impact =low? Keywords: Security Severity: medium Priority: medium Component: vulnerability AssignedTo: security-response-team(a)redhat.com ReportedBy: thoger(a)redhat.com CC: paul(a)city-fan.org, lfarkas(a)lfarkas.org, tgl(a)redhat.com, berrange(a)redhat.com, rjones(a)redhat.com, fedora-mingw(a)lists.fedoraproject.org Classification: Other Target Release: --- Quoting Secunia advisory SA35346: http://secunia.com/advisories/35346/ A vulnerability has been reported in libpng, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an error when processing 1-bit interlaced images. This can be exploited to disclose uninitialised memory via specially crafted images having widths that are not divisible by 8. The vulnerability is reported in versions prior to 1.2.37. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

13 years, 8 months

1
21
0 / 0

[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=608644 --- Comment #16 from Vincent Danen <vdanen(a)redhat.com> 2010-06-29 16:54:43 EDT --- (In reply to comment #10) > Yes, it does. Upstream has declared end-of-life for libpng10 and does > not plan any more updates, even for security, as announced back in > February. If that is a hardship, you can complain to png-mng-implemement at > lists.sf.net, explain why you still need libpng10, and we might revisit the > decision. > > We also plan to abandon libpng12 at the end of 2010. We have libpng10 packages in Red Hat Enterprise Linux 3 and 4, used by things like gnome-libs (both) and Gtk-Perl, gimp (RHEL3-only), so we have to support libpng10 until those distributions reach end-of-life. It isn't necessarily a hardship, but other vendors may be in the same position with regards to supporting libpng10 and libpng12 (we will be supporting libpng12 for many years to come yet). Abandoning libpng12 at the end of this year might be something we should bring up (perhaps some kind of maintenance for security issues alone). Thanks for that information. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

13 years, 10 months

1
0
0 / 0

[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=608644 --- Comment #15 from Fedora Update System <updates(a)fedoraproject.org> 2010-06-29 15:19:54 EDT --- libpng-1.2.44-1.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/libpng-1.2.44-1.fc12 -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

13 years, 10 months

1
0
0 / 0

[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=608644 --- Comment #14 from Fedora Update System <updates(a)fedoraproject.org> 2010-06-29 15:19:43 EDT --- libpng-1.2.44-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/libpng-1.2.44-1.fc13 -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

13 years, 10 months

1
0
0 / 0

[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=608644 --- Comment #13 from Glenn Randers-Pehrson <glennrp+bmo(a)gmail.com> 2010-06-29 13:44:43 EDT --- (In reply to comment #11) > (In reply to comment #8) > That is an upstream "workaround" for the bug which was removed in a later > commit. Our "git" commits show much of our work-in-progress, and there are > 4 or 5 commits involved in solving this bug. The actual fix > can be found by diffing pngpread.c from libpng-1.4.2 and 1.4.3. Sorry, this comment is about the other bug (the extra-row problem). -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

13 years, 10 months

1
0
0 / 0

[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=608644 --- Comment #12 from Glenn Randers-Pehrson <glennrp+bmo(a)gmail.com> 2010-06-29 13:43:12 EDT --- (In reply to comment #8) > Looks like this is the upstream commit to fix this issue: > > http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commit... Yes. This commit contains the changes to pngrutil.c that fix the sCAL chunk memory leak. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

13 years, 10 months

1
0
0 / 0

[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images

by Red Hat Bugzilla

13 years, 10 months

1
0
0 / 0

[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=608644 --- Comment #11 from Glenn Randers-Pehrson <glennrp+bmo(a)gmail.com> 2010-06-29 13:36:59 EDT --- (In reply to comment #8) > Looks like this is the upstream commit to fix this issue: > > http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commit... That is an upstream "workaround" for the bug which was removed in a later commit. Our "git" commits show much of our work-in-progress, and there are 4 or 5 commits involved in solving this bug. The actual fix can be found by diffing pngpread.c from libpng-1.4.2 and 1.4.3. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

13 years, 10 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

mingw June 2010