[Bug 749175] New: CVE-2011-3256 FreeType FT_Bitmap_New integer overflow to buffer overflow, FreeType TT_Vary_Get_Glyph_Deltas improper input validation [fedora-all]
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: CVE-2011-3256 FreeType FT_Bitmap_New integer overflow to buffer overflow, FreeType TT_Vary_Get_Glyph_Deltas improper input validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=749175
Summary: CVE-2011-3256 FreeType FT_Bitmap_New integer overflow
to buffer overflow, FreeType TT_Vary_Get_Glyph_Deltas
improper input validation [fedora-all]
Product: Fedora
Version: 15
Platform: All
OS/Version: Linux
Status: NEW
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Component: mingw32-freetype
AssignedTo: rjones(a)redhat.com
ReportedBy: rcvalle(a)redhat.com
QAContact: extras-qa(a)fedoraproject.org
CC: lfarkas(a)lfarkas.org, rjones(a)redhat.com,
fedora-mingw(a)lists.fedoraproject.org
Blocks: 746226
Classification: Fedora
Story Points: ---
Type: ---
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=746226
Please note: this issue affects multiple supported versions of Fedora.
Only one tracking bug has been filed; please only close it when all
affected versions are fixed.
[bug automatically created by: add-tracking-bugs]
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
11 years, 2 months
[Bug 799398] New: SDL_Init not found in libSDL.dll.a
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: SDL_Init not found in libSDL.dll.a
https://bugzilla.redhat.com/show_bug.cgi?id=799398
Summary: SDL_Init not found in libSDL.dll.a
Product: Fedora
Version: 16
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: unspecified
Priority: unspecified
Component: mingw32-SDL
AssignedTo: rjones(a)redhat.com
ReportedBy: salsaman(a)gmail.com
QAContact: extras-qa(a)fedoraproject.org
CC: lfarkas(a)lfarkas.org, rjones(a)redhat.com,
fedora-mingw(a)lists.fedoraproject.org
Classification: Fedora
Story Points: ---
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Description of problem:
Compilation is broken
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
Create a dll which is statically linked with SDL, as follows:
bin/sh ../../../../libtool --tag=CC --mode=link i686-pc-mingw32-gcc -fPIC
-DPIC -DIS_MINGW=1 -D_GNU_SOURCE=1 -Dmain=SDL_main
-I/usr/i686-pc-mingw32/sys-root/mingw/include/SDL -g -O2 -Wall -shared -fPIC
-DPIC -module -avoid-version --tag=disable-static -no-undefined
-Wl,/usr/i686-pc-mingw32/sys-root/mingw/lib/libSDL.dll.a
-Wl,/usr/i686-pc-mingw32/sys-root/mingw/lib/libSDLmain.a -o SDL.la -rpath
"/usr/lib/lives/plugins/playback/video" SDL_la-SDL.lo
libtool: link: i686-pc-mingw32-gcc -shared .libs/SDL_la-SDL.o -O2
-Wl,/usr/i686-pc-mingw32/sys-root/mingw/lib/libSDL.dll.a
-Wl,/usr/i686-pc-mingw32/sys-root/mingw/lib/libSDLmain.a -o .libs/SDL.dll
-Wl,--enable-auto-image-base -Xlinker --out-implib -Xlinker .libs/SDL.dll.a
This creates SDL.dll in .libs. No warnings are given about missing functions.
Actual results:
When SDL.dll is loaded and run under wine, it crashes with:
wine: Call from 0x7bc4c100 to unimplemented function SDL.dll.SDL_Init, aborting
wine: Unimplemented function SDL.dll.SDL_Init called at address 0x7bc4c100
(thread 0023), starting debugger...
Unhandled exception: unimplemented function SDL.dll.SDL_Init called in 32-bit
code (0x7bc4c100).
Expected results:
SDL_Init should be found inside libSDL.dll.a
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
11 years, 2 months
[Bug 795699] New: CVE-2012-0841 libxml2: hash table collisions CPU usage DoS [fedora-all]
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: CVE-2012-0841 libxml2: hash table collisions CPU usage DoS [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=795699
Summary: CVE-2012-0841 libxml2: hash table collisions CPU usage
DoS [fedora-all]
Product: Fedora
Version: 16
Platform: All
OS/Version: Linux
Status: NEW
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Component: mingw32-libxml2
AssignedTo: rjones(a)redhat.com
ReportedBy: huzaifas(a)redhat.com
QAContact: extras-qa(a)fedoraproject.org
CC: lfarkas(a)lfarkas.org, veillard(a)redhat.com,
rjones(a)redhat.com, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org, drizt(a)land.ru
Blocks: 787067
Classification: Fedora
Story Points: ---
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=787067
Please note: this issue affects multiple supported versions of Fedora.
Only one tracking bug has been filed; please ensure that it is only closed
when all affected versions are fixed.
[bug automatically created by: add-tracking-bugs]
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
11 years, 2 months
[Bug 891011] New: Review Request: mingw-angleproject - Almost Native Graphics Layer Engine
by Red Hat Bugzilla
Product: Fedora
https://bugzilla.redhat.com/show_bug.cgi?id=891011
Bug ID: 891011
Summary: Review Request: mingw-angleproject - Almost Native
Graphics Layer Engine
Product: Fedora
Version: rawhide
Component: Package Review
Severity: unspecified
Priority: unspecified
Reporter: erik-fedora(a)vanpienbroek.nl
Spec URL:
http://svn.openftd.org/svn/fedora_cross/mingw-angleproject/mingw-anglepro...
SRPM URL:
http://koji.vanpienbroek.nl/kojifiles/packages/mingw-angleproject/0/2.svn...
Fedora Account System Username: epienbro
Description:
ANGLE is a conformant implementation of the OpenGL ES 2.0 specification that
is hardware‐accelerated via Direct3D. ANGLE v1.0.772 was certified compliant
by passing the ES 2.0.3 conformance tests in October 2011. ANGLE also provides
an implementation of the EGL 1.4 specification.
ANGLE is used as the default WebGL backend for both Google Chrome and
Mozilla Firefox on Windows platforms. Chrome uses ANGLE for all graphics
rendering on Windows, including the accelerated Canvas2D implementation
and the Native Client sandbox environment.
Portions of the ANGLE shader compiler are used as a shader validator and
translator by WebGL implementations across multiple platforms. It is used
on Mac OS X, Linux, and in mobile variants of the browsers. Having one shader
validator helps to ensure that a consistent set of GLSL ES shaders are
accepted across browsers and platforms. The shader translator can be used
to translate shaders to other shading languages, and to optionally apply
shader modifications to work around bugs or quirks in the native graphics
drivers. The translator targets Desktop GLSL, Direct3D HLSL, and even ESSL
for native GLES2 platforms.
==
This package is required by mingw-qt5-qtbase (bug 858058)
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=75v4lDa6SB&a=cc_unsubscribe
11 years, 3 months
matahari no longer maintained
by Adam Stokes
Erik,
Just a heads up that I do not believe matahari is being actively maintained
anymore. Not sure what the process is these days to get a package removed
from the archive but that one should be deprecated. Probably qpid as well
but may want to consult those maintainers.
Thanks
Adam
11 years, 3 months