November 2012 - mingw - Fedora Mailing-Lists

[Bug 795699] New: CVE-2012-0841 libxml2: hash table collisions CPU usage DoS [fedora-all]

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: CVE-2012-0841 libxml2: hash table collisions CPU usage DoS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=795699 Summary: CVE-2012-0841 libxml2: hash table collisions CPU usage DoS [fedora-all] Product: Fedora Version: 16 Platform: All OS/Version: Linux Status: NEW Keywords: Security, SecurityTracking Severity: medium Priority: medium Component: mingw32-libxml2 AssignedTo: rjones(a)redhat.com ReportedBy: huzaifas(a)redhat.com QAContact: extras-qa(a)fedoraproject.org CC: lfarkas(a)lfarkas.org, veillard(a)redhat.com, rjones(a)redhat.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, drizt(a)land.ru Blocks: 787067 Classification: Fedora Story Points: --- Type: --- Regression: --- Mount Type: --- Documentation: --- This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected Fedora versions. For comments that are specific to the vulnerability please use bugs filed against "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please include this bug ID and the bug IDs of this bug's parent bugs filed against the "Security Response" product (the top-level CVE bugs). Please mention the CVE IDs being fixed in the RPM changelog when available. Bodhi update submission link: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=787067 Please note: this issue affects multiple supported versions of Fedora. Only one tracking bug has been filed; please ensure that it is only closed when all affected versions are fixed. [bug automatically created by: add-tracking-bugs] -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

11 years, 2 months

1
3
0 / 0

[Bug 806271] New: CVE-2012-1144 freetype: insufficient checking of first outline point in TTF parser (#35689) [fedora-all]

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: CVE-2012-1144 freetype: insufficient checking of first outline point in TTF parser (#35689) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=806271 Summary: CVE-2012-1144 freetype: insufficient checking of first outline point in TTF parser (#35689) [fedora-all] Product: Fedora Version: 16 Platform: All OS/Version: Linux Status: NEW Keywords: Security, SecurityTracking Severity: high Priority: high Component: mingw32-freetype AssignedTo: rjones(a)redhat.com ReportedBy: thoger(a)redhat.com QAContact: extras-qa(a)fedoraproject.org CC: lfarkas(a)lfarkas.org, rjones(a)redhat.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org Blocks: 800607 Classification: Fedora Story Points: --- Type: --- Regression: --- Mount Type: --- Documentation: --- This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected Fedora versions. For comments that are specific to the vulnerability please use bugs filed against "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please include this bug ID and the bug IDs of this bug's parent bugs filed against the "Security Response" product (the top-level CVE bugs). Please mention the CVE IDs being fixed in the RPM changelog when available. Bodhi update submission link: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=800607 Please note: this issue affects multiple supported versions of Fedora. Only one tracking bug has been filed; please ensure that it is only closed when all affected versions are fixed. [bug automatically created by: add-tracking-bugs] -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

11 years, 3 months

1
11
0 / 0

[Bug 851189] New: Review Request: mingw-lcms2 - MinGW Color Management System

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=851189 Bug ID: 851189 QA Contact: extras-qa(a)fedoraproject.org Severity: unspecified Version: rawhide Priority: unspecified CC: fedora-mingw(a)lists.fedoraproject.org, notting(a)redhat.com, package-review(a)lists.fedoraproject.org Assignee: nobody(a)fedoraproject.org Summary: Review Request: mingw-lcms2 - MinGW Color Management System Regression: --- Story Points: --- Classification: Fedora OS: Unspecified Reporter: t.sailer(a)alumni.ethz.ch Type: Bug Documentation: --- Hardware: Unspecified Mount Type: --- Status: NEW Component: Package Review Product: Fedora Spec URL: http://sailer.fedorapeople.org/mingw-lcms2.spec SRPM URL: http://sailer.fedorapeople.org/mingw-lcms2-2.3-1.fc17.src.rpm Description: MinGW Color Management System Approved MinGW packaging guidelines are here: http://fedoraproject.org/wiki/Packaging/MinGW -- You are receiving this mail because: You are on the CC list for the bug.

11 years, 3 months

1
10
0 / 0

[Bug 866032] New: configure --disable-static prevents building of freetype static library

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=866032 Bug ID: 866032 QA Contact: extras-qa(a)fedoraproject.org Severity: unspecified Version: rawhide Priority: unspecified CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, lfarkas(a)lfarkas.org, rjones(a)redhat.com Assignee: rjones(a)redhat.com Summary: configure --disable-static prevents building of freetype static library Regression: --- Story Points: --- Classification: Fedora OS: Unspecified Reporter: ntd(a)entidi.it Type: Bug Documentation: --- Hardware: Unspecified Mount Type: --- Status: NEW Component: mingw-freetype Product: Fedora Back in 2008 static libraries were stripped from the final package. The relevant commit does not explain why: http://hg.et.redhat.com/cgi-bin/hg-misc.cgi/fedora-mingw--devel/rev/1d89b... Actually they are disabled at configure level with --disable-static. I'd like to know the rationale behind this. If that reason still stands a comment should be added to the spec (or I can provide a git patch myself... I don't know if this is common practice here) otherwise adding --enable-static can be considered. I didn't find anything in favor or against it in the wild. -- You are receiving this mail because: You are on the CC list for the bug.

11 years, 4 months

1
9
0 / 0

[Bug 843190] New: CVE-2011-3464 libpng: One-byte stack buffer overrun in png_formatted_warning [fedora-17]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=843190 Bug ID: 843190 Keywords: Security, SecurityTracking Blocks: 843179 (CVE-2011-3464) QA Contact: extras-qa(a)fedoraproject.org Severity: high Version: 17 Priority: high CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, ktietz(a)redhat.com, lfarkas(a)lfarkas.org, rjones(a)redhat.com Assignee: rjones(a)redhat.com Summary: CVE-2011-3464 libpng: One-byte stack buffer overrun in png_formatted_warning [fedora-17] Regression: --- Story Points: --- Classification: Fedora OS: Linux Reporter: kseifried(a)redhat.com Type: --- Documentation: --- Hardware: All Mount Type: --- Status: NEW Component: mingw-libpng Product: Fedora This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected Fedora versions. For comments that are specific to the vulnerability please use bugs filed against "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please include this bug ID and the bug IDs of this bug's parent bugs filed against the "Security Response" product (the top-level CVE bugs). Please mention the CVE IDs being fixed in the RPM changelog when available. Bodhi update submission link: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=843179 fedora-17 tracking bug for mingw-libpng: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] -- You are receiving this mail because: You are on the CC list for the bug.

11 years, 4 months

1
7
0 / 0

[Bug 880466] CVE-2012-5134 libxml2: Heap-buffer-underflow in xmlParseAttValueComplex

by Red Hat Bugzilla

11 years, 5 months

1
0
0 / 0

[Bug 880466] CVE-2012-5134 libxml2: Heap-buffer-underflow in xmlParseAttValueComplex

by Red Hat Bugzilla

Product: Security Response https://bugzilla.redhat.com/show_bug.cgi?id=880466 Huzaifa S. Sidhpurwala <huzaifas(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On| |882064 --- Comment #7 from Huzaifa S. Sidhpurwala <huzaifas(a)redhat.com> --- Created mingw32-libxml2 tracking bugs for this issue Affects: fedora-all [bug 882064] -- You are receiving this mail because: You are on the CC list for the bug.

11 years, 5 months

1
0
0 / 0

[Bug 880466] CVE-2012-5134 libxml2: Heap-buffer-underflow in xmlParseAttValueComplex

by Red Hat Bugzilla

11 years, 5 months

1
0
0 / 0

[Bug 880466] CVE-2012-5134 libxml2: Heap-buffer-underflow in xmlParseAttValueComplex

by Red Hat Bugzilla

Product: Security Response https://bugzilla.redhat.com/show_bug.cgi?id=880466 --- Comment #6 from errata-xmlrpc <errata-xmlrpc(a)redhat.com> --- This issue has been addressed in following products: Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Via RHSA-2012:1512 https://rhn.redhat.com/errata/RHSA-2012-1512.html -- You are receiving this mail because: You are on the CC list for the bug.

11 years, 5 months

1
0
0 / 0

[Bug 880466] CVE-2012-5134 libxml2: Heap-buffer-underflow in xmlParseAttValueComplex

by Red Hat Bugzilla

Product: Security Response https://bugzilla.redhat.com/show_bug.cgi?id=880466 Martin Cermak <mcermak(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mcermak(a)redhat.com -- You are receiving this mail because: You are on the CC list for the bug.

11 years, 5 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

mingw November 2012