January 2013 - mingw - Fedora Mailing-Lists

[Bug 749175] New: CVE-2011-3256 FreeType FT_Bitmap_New integer overflow to buffer overflow, FreeType TT_Vary_Get_Glyph_Deltas improper input validation [fedora-all]

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: CVE-2011-3256 FreeType FT_Bitmap_New integer overflow to buffer overflow, FreeType TT_Vary_Get_Glyph_Deltas improper input validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=749175 Summary: CVE-2011-3256 FreeType FT_Bitmap_New integer overflow to buffer overflow, FreeType TT_Vary_Get_Glyph_Deltas improper input validation [fedora-all] Product: Fedora Version: 15 Platform: All OS/Version: Linux Status: NEW Keywords: Security, SecurityTracking Severity: high Priority: high Component: mingw32-freetype AssignedTo: rjones(a)redhat.com ReportedBy: rcvalle(a)redhat.com QAContact: extras-qa(a)fedoraproject.org CC: lfarkas(a)lfarkas.org, rjones(a)redhat.com, fedora-mingw(a)lists.fedoraproject.org Blocks: 746226 Classification: Fedora Story Points: --- Type: --- This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected Fedora versions. For comments that are specific to the vulnerability please use bugs filed against "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please include the bug IDs of the respective parent bugs filed against the "Security Response" product. Please mention CVE ids in the RPM changelog when available. Bodhi update submission link: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=746226 Please note: this issue affects multiple supported versions of Fedora. Only one tracking bug has been filed; please only close it when all affected versions are fixed. [bug automatically created by: add-tracking-bugs] -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

11 years, 2 months

1
8
0 / 0

[Bug 799398] New: SDL_Init not found in libSDL.dll.a

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: SDL_Init not found in libSDL.dll.a https://bugzilla.redhat.com/show_bug.cgi?id=799398 Summary: SDL_Init not found in libSDL.dll.a Product: Fedora Version: 16 Platform: Unspecified OS/Version: Unspecified Status: NEW Severity: unspecified Priority: unspecified Component: mingw32-SDL AssignedTo: rjones(a)redhat.com ReportedBy: salsaman(a)gmail.com QAContact: extras-qa(a)fedoraproject.org CC: lfarkas(a)lfarkas.org, rjones(a)redhat.com, fedora-mingw(a)lists.fedoraproject.org Classification: Fedora Story Points: --- Type: --- Regression: --- Mount Type: --- Documentation: --- Description of problem: Compilation is broken Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: Create a dll which is statically linked with SDL, as follows: bin/sh ../../../../libtool --tag=CC --mode=link i686-pc-mingw32-gcc -fPIC -DPIC -DIS_MINGW=1 -D_GNU_SOURCE=1 -Dmain=SDL_main -I/usr/i686-pc-mingw32/sys-root/mingw/include/SDL -g -O2 -Wall -shared -fPIC -DPIC -module -avoid-version --tag=disable-static -no-undefined -Wl,/usr/i686-pc-mingw32/sys-root/mingw/lib/libSDL.dll.a -Wl,/usr/i686-pc-mingw32/sys-root/mingw/lib/libSDLmain.a -o SDL.la -rpath "/usr/lib/lives/plugins/playback/video" SDL_la-SDL.lo libtool: link: i686-pc-mingw32-gcc -shared .libs/SDL_la-SDL.o -O2 -Wl,/usr/i686-pc-mingw32/sys-root/mingw/lib/libSDL.dll.a -Wl,/usr/i686-pc-mingw32/sys-root/mingw/lib/libSDLmain.a -o .libs/SDL.dll -Wl,--enable-auto-image-base -Xlinker --out-implib -Xlinker .libs/SDL.dll.a This creates SDL.dll in .libs. No warnings are given about missing functions. Actual results: When SDL.dll is loaded and run under wine, it crashes with: wine: Call from 0x7bc4c100 to unimplemented function SDL.dll.SDL_Init, aborting wine: Unimplemented function SDL.dll.SDL_Init called at address 0x7bc4c100 (thread 0023), starting debugger... Unhandled exception: unimplemented function SDL.dll.SDL_Init called in 32-bit code (0x7bc4c100). Expected results: SDL_Init should be found inside libSDL.dll.a -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

11 years, 2 months

1
8
0 / 0

[Bug 795699] New: CVE-2012-0841 libxml2: hash table collisions CPU usage DoS [fedora-all]

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: CVE-2012-0841 libxml2: hash table collisions CPU usage DoS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=795699 Summary: CVE-2012-0841 libxml2: hash table collisions CPU usage DoS [fedora-all] Product: Fedora Version: 16 Platform: All OS/Version: Linux Status: NEW Keywords: Security, SecurityTracking Severity: medium Priority: medium Component: mingw32-libxml2 AssignedTo: rjones(a)redhat.com ReportedBy: huzaifas(a)redhat.com QAContact: extras-qa(a)fedoraproject.org CC: lfarkas(a)lfarkas.org, veillard(a)redhat.com, rjones(a)redhat.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, drizt(a)land.ru Blocks: 787067 Classification: Fedora Story Points: --- Type: --- Regression: --- Mount Type: --- Documentation: --- This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected Fedora versions. For comments that are specific to the vulnerability please use bugs filed against "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please include this bug ID and the bug IDs of this bug's parent bugs filed against the "Security Response" product (the top-level CVE bugs). Please mention the CVE IDs being fixed in the RPM changelog when available. Bodhi update submission link: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=787067 Please note: this issue affects multiple supported versions of Fedora. Only one tracking bug has been filed; please ensure that it is only closed when all affected versions are fixed. [bug automatically created by: add-tracking-bugs] -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

11 years, 2 months

1
3
0 / 0

[Bug 891011] New: Review Request: mingw-angleproject - Almost Native Graphics Layer Engine

by Red Hat Bugzilla

Product: Fedora https://bugzilla.redhat.com/show_bug.cgi?id=891011 Bug ID: 891011 Summary: Review Request: mingw-angleproject - Almost Native Graphics Layer Engine Product: Fedora Version: rawhide Component: Package Review Severity: unspecified Priority: unspecified Reporter: erik-fedora(a)vanpienbroek.nl Spec URL: http://svn.openftd.org/svn/fedora_cross/mingw-angleproject/mingw-anglepro... SRPM URL: http://koji.vanpienbroek.nl/kojifiles/packages/mingw-angleproject/0/2.svn... Fedora Account System Username: epienbro Description: ANGLE is a conformant implementation of the OpenGL ES 2.0 specification that is hardware‐accelerated via Direct3D. ANGLE v1.0.772 was certified compliant by passing the ES 2.0.3 conformance tests in October 2011. ANGLE also provides an implementation of the EGL 1.4 specification. ANGLE is used as the default WebGL backend for both Google Chrome and Mozilla Firefox on Windows platforms. Chrome uses ANGLE for all graphics rendering on Windows, including the accelerated Canvas2D implementation and the Native Client sandbox environment. Portions of the ANGLE shader compiler are used as a shader validator and translator by WebGL implementations across multiple platforms. It is used on Mac OS X, Linux, and in mobile variants of the browsers. Having one shader validator helps to ensure that a consistent set of GLSL ES shaders are accepted across browsers and platforms. The shader translator can be used to translate shaders to other shading languages, and to optionally apply shader modifications to work around bugs or quirks in the native graphics drivers. The translator targets Desktop GLSL, Direct3D HLSL, and even ESSL for native GLES2 platforms. == This package is required by mingw-qt5-qtbase (bug 858058) -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=75v4lDa6SB&a=cc_unsubscribe

11 years, 3 months

1
17
0 / 0

matahari no longer maintained

by Adam Stokes

Erik, Just a heads up that I do not believe matahari is being actively maintained anymore. Not sure what the process is these days to get a package removed from the archive but that one should be deprecated. Probably qpid as well but may want to consult those maintainers. Thanks Adam

11 years, 3 months

3
2
0 / 0

[Bug 890088] CVE-2012-5669 freetype: heap buffer over-read in BDF parsing _bdf_parse_glyphs() (#37906)

by Red Hat Bugzilla

Product: Security Response https://bugzilla.redhat.com/show_bug.cgi?id=890088 --- Comment #17 from errata-xmlrpc <errata-xmlrpc(a)redhat.com> --- This issue has been addressed in following products: Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Via RHSA-2013:0216 https://rhn.redhat.com/errata/RHSA-2013-0216.html -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=9zUa1wvo2N&a=cc_unsubscribe

11 years, 3 months

1
0
0 / 0

[Bug 880466] CVE-2012-5134 libxml2: Heap-buffer-underflow in xmlParseAttValueComplex

by Red Hat Bugzilla

Product: Security Response https://bugzilla.redhat.com/show_bug.cgi?id=880466 --- Comment #12 from errata-xmlrpc <errata-xmlrpc(a)redhat.com> --- This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:0217 https://rhn.redhat.com/errata/RHSA-2013-0217.html -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=Ap7jXJAtMH&a=cc_unsubscribe

11 years, 3 months

1
0
0 / 0

[Bug 787067] CVE-2012-0841 libxml2: hash table collisions CPU usage DoS

by Red Hat Bugzilla

Product: Security Response https://bugzilla.redhat.com/show_bug.cgi?id=787067 --- Comment #24 from errata-xmlrpc <errata-xmlrpc(a)redhat.com> --- This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:0217 https://rhn.redhat.com/errata/RHSA-2013-0217.html -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=OHDhpXWzw6&a=cc_unsubscribe

11 years, 3 months

1
0
0 / 0

[Bug 724906] CVE-2011-0216 libxml2: Off-by-one error leading to heap-based buffer overflow in encoding

by Red Hat Bugzilla

Product: Security Response https://bugzilla.redhat.com/show_bug.cgi?id=724906 --- Comment #50 from errata-xmlrpc <errata-xmlrpc(a)redhat.com> --- This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:0217 https://rhn.redhat.com/errata/RHSA-2013-0217.html -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=vCBx2CDPtb&a=cc_unsubscribe

11 years, 3 months

1
0
0 / 0

[Bug 880466] CVE-2012-5134 libxml2: Heap-buffer-underflow in xmlParseAttValueComplex

by Red Hat Bugzilla

Product: Security Response https://bugzilla.redhat.com/show_bug.cgi?id=880466 Huzaifa S. Sidhpurwala <huzaifas(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |891480 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=qKgCpsYnA6&a=cc_unsubscribe

11 years, 3 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

mingw January 2013