[Bug 755814] New: CVE-2011-0216 libxml2: Off-by-one error leading to heap-based buffer overflow in encoding [fedora-all]
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: CVE-2011-0216 libxml2: Off-by-one error leading to heap-based buffer overflow in encoding [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=755814
Summary: CVE-2011-0216 libxml2: Off-by-one error leading to
heap-based buffer overflow in encoding [fedora-all]
Product: Fedora
Version: 15
Platform: All
OS/Version: Linux
Status: NEW
Keywords: Security, SecurityTracking
Severity: low
Priority: low
Component: mingw32-libxml2
AssignedTo: rjones(a)redhat.com
ReportedBy: huzaifas(a)redhat.com
QAContact: extras-qa(a)fedoraproject.org
CC: lfarkas(a)lfarkas.org, veillard(a)redhat.com,
rjones(a)redhat.com, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org, drizt(a)land.ru
Blocks: 724906
Classification: Fedora
Story Points: ---
Type: ---
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=724906
Please note: this issue affects multiple supported versions of Fedora.
Only one tracking bug has been filed; please ensure that it is only closed
when all affected versions are fixed.
[bug automatically created by: add-tracking-bugs]
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
11 years, 2 months
[Bug 749175] New: CVE-2011-3256 FreeType FT_Bitmap_New integer overflow to buffer overflow, FreeType TT_Vary_Get_Glyph_Deltas improper input validation [fedora-all]
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: CVE-2011-3256 FreeType FT_Bitmap_New integer overflow to buffer overflow, FreeType TT_Vary_Get_Glyph_Deltas improper input validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=749175
Summary: CVE-2011-3256 FreeType FT_Bitmap_New integer overflow
to buffer overflow, FreeType TT_Vary_Get_Glyph_Deltas
improper input validation [fedora-all]
Product: Fedora
Version: 15
Platform: All
OS/Version: Linux
Status: NEW
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Component: mingw32-freetype
AssignedTo: rjones(a)redhat.com
ReportedBy: rcvalle(a)redhat.com
QAContact: extras-qa(a)fedoraproject.org
CC: lfarkas(a)lfarkas.org, rjones(a)redhat.com,
fedora-mingw(a)lists.fedoraproject.org
Blocks: 746226
Classification: Fedora
Story Points: ---
Type: ---
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=746226
Please note: this issue affects multiple supported versions of Fedora.
Only one tracking bug has been filed; please only close it when all
affected versions are fixed.
[bug automatically created by: add-tracking-bugs]
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
11 years, 2 months
[Bug 799398] New: SDL_Init not found in libSDL.dll.a
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: SDL_Init not found in libSDL.dll.a
https://bugzilla.redhat.com/show_bug.cgi?id=799398
Summary: SDL_Init not found in libSDL.dll.a
Product: Fedora
Version: 16
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: unspecified
Priority: unspecified
Component: mingw32-SDL
AssignedTo: rjones(a)redhat.com
ReportedBy: salsaman(a)gmail.com
QAContact: extras-qa(a)fedoraproject.org
CC: lfarkas(a)lfarkas.org, rjones(a)redhat.com,
fedora-mingw(a)lists.fedoraproject.org
Classification: Fedora
Story Points: ---
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Description of problem:
Compilation is broken
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
Create a dll which is statically linked with SDL, as follows:
bin/sh ../../../../libtool --tag=CC --mode=link i686-pc-mingw32-gcc -fPIC
-DPIC -DIS_MINGW=1 -D_GNU_SOURCE=1 -Dmain=SDL_main
-I/usr/i686-pc-mingw32/sys-root/mingw/include/SDL -g -O2 -Wall -shared -fPIC
-DPIC -module -avoid-version --tag=disable-static -no-undefined
-Wl,/usr/i686-pc-mingw32/sys-root/mingw/lib/libSDL.dll.a
-Wl,/usr/i686-pc-mingw32/sys-root/mingw/lib/libSDLmain.a -o SDL.la -rpath
"/usr/lib/lives/plugins/playback/video" SDL_la-SDL.lo
libtool: link: i686-pc-mingw32-gcc -shared .libs/SDL_la-SDL.o -O2
-Wl,/usr/i686-pc-mingw32/sys-root/mingw/lib/libSDL.dll.a
-Wl,/usr/i686-pc-mingw32/sys-root/mingw/lib/libSDLmain.a -o .libs/SDL.dll
-Wl,--enable-auto-image-base -Xlinker --out-implib -Xlinker .libs/SDL.dll.a
This creates SDL.dll in .libs. No warnings are given about missing functions.
Actual results:
When SDL.dll is loaded and run under wine, it crashes with:
wine: Call from 0x7bc4c100 to unimplemented function SDL.dll.SDL_Init, aborting
wine: Unimplemented function SDL.dll.SDL_Init called at address 0x7bc4c100
(thread 0023), starting debugger...
Unhandled exception: unimplemented function SDL.dll.SDL_Init called in 32-bit
code (0x7bc4c100).
Expected results:
SDL_Init should be found inside libSDL.dll.a
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
11 years, 2 months
[Bug 795699] New: CVE-2012-0841 libxml2: hash table collisions CPU usage DoS [fedora-all]
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: CVE-2012-0841 libxml2: hash table collisions CPU usage DoS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=795699
Summary: CVE-2012-0841 libxml2: hash table collisions CPU usage
DoS [fedora-all]
Product: Fedora
Version: 16
Platform: All
OS/Version: Linux
Status: NEW
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Component: mingw32-libxml2
AssignedTo: rjones(a)redhat.com
ReportedBy: huzaifas(a)redhat.com
QAContact: extras-qa(a)fedoraproject.org
CC: lfarkas(a)lfarkas.org, veillard(a)redhat.com,
rjones(a)redhat.com, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org, drizt(a)land.ru
Blocks: 787067
Classification: Fedora
Story Points: ---
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=787067
Please note: this issue affects multiple supported versions of Fedora.
Only one tracking bug has been filed; please ensure that it is only closed
when all affected versions are fixed.
[bug automatically created by: add-tracking-bugs]
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
11 years, 2 months