https://bugzilla.redhat.com/show_bug.cgi?id=858914
Bug ID: 858914
Keywords: Security, SecurityTracking
Blocks: 822109 (CVE-2011-3102)
QA Contact: extras-qa(a)fedoraproject.org
Severity: low
Version: el5
Priority: low
CC: fedora-mingw(a)lists.fedoraproject.org,
lfarkas(a)lfarkas.org, rjones(a)redhat.com,
veillard(a)redhat.com
Assignee: rjones(a)redhat.com
Summary: CVE-2011-3102 libxml: An off-by-one out-of-bounds
write by XPointer part evaluation [epel-5]
Regression: ---
Story Points: ---
Classification: Fedora
OS: Linux
Reporter: huzaifas(a)redhat.com
Type: ---
Documentation: ---
Hardware: All
Mount Type: ---
Status: NEW
Component: mingw32-libxml2
Product: Fedora EPEL
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=822109
epel-5 tracking bug for mingw32-libxml2: see blocks bug list for full details
of the security issue(s).
[bug automatically created by: add-tracking-bugs]
--
You are receiving this mail because:
You are on the CC list for the bug.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: CVE-2012-0841 libxml2: hash table collisions CPU usage DoS [epel-5]
https://bugzilla.redhat.com/show_bug.cgi?id=795700
Summary: CVE-2012-0841 libxml2: hash table collisions CPU usage
DoS [epel-5]
Product: Fedora EPEL
Version: el5
Platform: All
OS/Version: Linux
Status: NEW
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Component: mingw32-libxml2
AssignedTo: rjones(a)redhat.com
ReportedBy: huzaifas(a)redhat.com
QAContact: extras-qa(a)fedoraproject.org
CC: lfarkas(a)lfarkas.org, veillard(a)redhat.com,
rjones(a)redhat.com,
fedora-mingw(a)lists.fedoraproject.org
Blocks: 787067
Classification: Fedora
Story Points: ---
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=787067
epel-5 tracking bug for mingw32-libxml2: see blocks bug list for full details
of the security issue(s).
[bug automatically created by: add-tracking-bugs]
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: CVE-2011-2690 libpng: buffer overwrite in png_rgb_to_gray [epel-5]
https://bugzilla.redhat.com/show_bug.cgi?id=721312
Summary: CVE-2011-2690 libpng: buffer overwrite in
png_rgb_to_gray [epel-5]
Product: Fedora EPEL
Version: el5
Platform: All
OS/Version: Linux
Status: NEW
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Component: mingw32-libpng
AssignedTo: rjones(a)redhat.com
ReportedBy: huzaifas(a)redhat.com
QAContact: extras-qa(a)fedoraproject.org
CC: lfarkas(a)lfarkas.org, rjones(a)redhat.com,
fedora-mingw(a)lists.fedoraproject.org
Blocks: 720607
Classification: Fedora
Story Points: ---
epel-5 tracking bug for mingw32-libpng: see blocks bug list for full details of
the security issue(s).
This bug is never intended to be made public, please put any public notes
in the 'blocks' bugs.
[bug automatically created by: add-tracking-bugs]
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1086671
Bug ID: 1086671
Summary: CVE-2013-7353 mingw-libpng: libpng: integer overflow
leading to a heap-based buffer overflow in
png_set_unknown_chunks() [fedora-19]
Product: Fedora
Version: 19
Component: mingw-libpng
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: rjones(a)redhat.com
Reporter: huzaifas(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
ktietz(a)redhat.com, lfarkas(a)lfarkas.org,
rjones(a)redhat.com
Blocks: 1086514 (CVE-2013-7353)
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
fedora-19 tracking bug for mingw-libpng: see blocks bug list for full details
of the security issue(s).
[bug automatically created by: add-tracking-bugs]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1086514
[Bug 1086514] CVE-2013-7353 libpng: integer overflow leading to a
heap-based buffer overflow in png_set_unknown_chunks()
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=dm32xSP5nD&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1074648
Bug ID: 1074648
Summary: CVE-2014-2240 mingw-freetype: freetype: OOB
stack-based read/write in cf2_hintmap_build()
[fedora-20]
Product: Fedora
Version: 20
Component: mingw-freetype
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: rjones(a)redhat.com
Reporter: vdanen(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
lfarkas(a)lfarkas.org, rjones(a)redhat.com
Blocks: 1074646 (CVE-2014-2240)
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
fedora-20 tracking bug for mingw-freetype: see blocks bug list for full details
of the security issue(s).
[bug automatically created by: add-tracking-bugs]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1074646
[Bug 1074646] CVE-2014-2240 freetype: OOB stack-based read/write in
cf2_hintmap_build()
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=zK27i6Rkr1&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1074649
Bug ID: 1074649
Summary: CVE-2014-2240 mingw-freetype: freetype: OOB
stack-based read/write in cf2_hintmap_build()
[fedora-19]
Product: Fedora
Version: 19
Component: mingw-freetype
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: rjones(a)redhat.com
Reporter: vdanen(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
lfarkas(a)lfarkas.org, rjones(a)redhat.com
Blocks: 1074646 (CVE-2014-2240)
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
fedora-19 tracking bug for mingw-freetype: see blocks bug list for full details
of the security issue(s).
[bug automatically created by: add-tracking-bugs]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1074646
[Bug 1074646] CVE-2014-2240 freetype: OOB stack-based read/write in
cf2_hintmap_build()
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=WvLZALxG0Q&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=1043744
Bug ID: 1043744
Summary: CVE-2013-6425 mingw-pixman: pixman: integer underflow
when handling trapezoids [fedora-all]
Product: Fedora
Version: 19
Component: mingw-pixman
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: rjones(a)redhat.com
Reporter: huzaifas(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
lfarkas(a)lfarkas.org, rjones(a)redhat.com
Blocks: 1037975 (CVE-2013-6425)
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
Please note: this issue affects multiple supported versions of Fedora.
Only one tracking bug has been filed; please ensure that it is only closed
when all affected versions are fixed.
[bug automatically created by: add-tracking-bugs]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1037975
[Bug 1037975] CVE-2013-6425 pixman: integer underflow when handling
trapezoids
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=owlZAibmE1&a=cc_unsubscribe
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: cannot link with _ftime_s
https://bugzilla.redhat.com/show_bug.cgi?id=795426
Summary: cannot link with _ftime_s
Product: Fedora
Version: rawhide
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: unspecified
Priority: unspecified
Component: mingw32-gcc
AssignedTo: rjones(a)redhat.com
ReportedBy: cfergeau(a)redhat.com
QAContact: extras-qa(a)fedoraproject.org
CC: rjones(a)redhat.com, kalevlember(a)gmail.com,
erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org
Classification: Fedora
Story Points: ---
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
// $ i686-w64-mingw32-gcc -Wimplicit-function-declaration ./ftime.c
//
// /tmp/ccdYAiqO.o:ftime.c:(.text+0x16): undefined reference to`_imp___ftime_s'
// collect2: error: ld returned 1 exit status
//
// No warning, this means the function is declared in headers (gcc -E shows
// it comes from sec_api/sys/timeb_s.h) but it's not available at link time.
/*
$ rpm -qa mingw32*
mingw32-binutils-2.22.51-3.fc17_cross.x86_64
mingw32-gcc-4.7.0-0.3.20120123.fc16_cross.x86_64
mingw32-filesystem-92-1.fc18_cross.noarch
mingw32-cpp-4.7.0-0.3.20120123.fc16_cross.x86_64
mingw32-headers-2.0.999-0.1.trunk.20120120.fc17_cross.noarch
mingw32-crt-2.0.999-0.3.trunk.20120124.fc17_cross.noarch
mingw32-gcc-c++-4.7.0-0.3.20120123.fc16_cross.x86_64
*/
#include <stdlib.h> // for NULL
#include <sys/timeb.h>
int main(int argc, char **argv)
{
_ftime_s(NULL);
return 0;
}
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1056858
Bug ID: 1056858
Summary: CVE-2013-6954 mingw-libpng: libpng: unhandled
zero-length PLTE chunk or NULL palette [fedora-19]
Product: Fedora
Version: 19
Component: mingw-libpng
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: rjones(a)redhat.com
Reporter: huzaifas(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
ktietz(a)redhat.com, lfarkas(a)lfarkas.org,
rjones(a)redhat.com
Blocks: 1045561 (CVE-2013-6954)
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link
noted in the next comment(s). This will include the bug IDs of this
tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
Bodhi notes field when available.
fedora-19 tracking bug for mingw-libpng: see blocks bug list for full details
of the security issue(s).
[bug automatically created by: add-tracking-bugs]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1045561
[Bug 1045561] CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or
NULL palette
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=Un14vuFRae&a=cc_unsubscribe
https://bugzilla.redhat.com/show_bug.cgi?id=858073
Bug ID: 858073
QA Contact: extras-qa(a)fedoraproject.org
Severity: unspecified
Version: rawhide
Priority: unspecified
CC: fedora-mingw(a)lists.fedoraproject.org,
notting(a)redhat.com,
package-review(a)lists.fedoraproject.org
Assignee: nobody(a)fedoraproject.org
Summary: Review Request: mingw-qt5-qtpim - Qt5 for Windows -
QtPim component
Regression: ---
Story Points: ---
Classification: Fedora
OS: Unspecified
Reporter: erik-fedora(a)vanpienbroek.nl
Type: Bug
Documentation: ---
Hardware: Unspecified
Mount Type: ---
Status: NEW
Component: Package Review
Product: Fedora
Spec URL:
http://svn.openftd.org/svn/fedora_cross/mingw-qt5-qtpim/mingw-qt5-qtpim.spec
SRPM URL:
http://ftd4linux.nl/contrib/mingw-qt5-qtpim-5.0.0-0.1.beta1.fc17.src.rpm
Fedora Account System Username: epienbro
Description:
This package contains the Qt software toolkit for developing
cross-platform applications.
This is the Windows version of Qt, for use in conjunction with the
Fedora Windows cross-compiler.
--
You are receiving this mail because:
You are on the CC list for the bug.