April 2014 - mingw - Fedora Mailing-Lists

[Bug 858914] New: CVE-2011-3102 libxml: An off-by-one out-of-bounds write by XPointer part evaluation [epel-5]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=858914 Bug ID: 858914 Keywords: Security, SecurityTracking Blocks: 822109 (CVE-2011-3102) QA Contact: extras-qa(a)fedoraproject.org Severity: low Version: el5 Priority: low CC: fedora-mingw(a)lists.fedoraproject.org, lfarkas(a)lfarkas.org, rjones(a)redhat.com, veillard(a)redhat.com Assignee: rjones(a)redhat.com Summary: CVE-2011-3102 libxml: An off-by-one out-of-bounds write by XPointer part evaluation [epel-5] Regression: --- Story Points: --- Classification: Fedora OS: Linux Reporter: huzaifas(a)redhat.com Type: --- Documentation: --- Hardware: All Mount Type: --- Status: NEW Component: mingw32-libxml2 Product: Fedora EPEL This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected Fedora versions. For comments that are specific to the vulnerability please use bugs filed against "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please include this bug ID and the bug IDs of this bug's parent bugs filed against the "Security Response" product (the top-level CVE bugs). Please mention the CVE IDs being fixed in the RPM changelog when available. Bodhi update submission link: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=822109 epel-5 tracking bug for mingw32-libxml2: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] -- You are receiving this mail because: You are on the CC list for the bug.

9 years, 7 months

1
5
0 / 0

[Bug 795700] New: CVE-2012-0841 libxml2: hash table collisions CPU usage DoS [epel-5]

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: CVE-2012-0841 libxml2: hash table collisions CPU usage DoS [epel-5] https://bugzilla.redhat.com/show_bug.cgi?id=795700 Summary: CVE-2012-0841 libxml2: hash table collisions CPU usage DoS [epel-5] Product: Fedora EPEL Version: el5 Platform: All OS/Version: Linux Status: NEW Keywords: Security, SecurityTracking Severity: medium Priority: medium Component: mingw32-libxml2 AssignedTo: rjones(a)redhat.com ReportedBy: huzaifas(a)redhat.com QAContact: extras-qa(a)fedoraproject.org CC: lfarkas(a)lfarkas.org, veillard(a)redhat.com, rjones(a)redhat.com, fedora-mingw(a)lists.fedoraproject.org Blocks: 787067 Classification: Fedora Story Points: --- Type: --- Regression: --- Mount Type: --- Documentation: --- This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected Fedora versions. For comments that are specific to the vulnerability please use bugs filed against "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please include this bug ID and the bug IDs of this bug's parent bugs filed against the "Security Response" product (the top-level CVE bugs). Please mention the CVE IDs being fixed in the RPM changelog when available. Bodhi update submission link: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=787067 epel-5 tracking bug for mingw32-libxml2: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

9 years, 7 months

1
2
0 / 0

[Bug 721312] New: CVE-2011-2690 libpng: buffer overwrite in png_rgb_to_gray [epel-5]

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: CVE-2011-2690 libpng: buffer overwrite in png_rgb_to_gray [epel-5] https://bugzilla.redhat.com/show_bug.cgi?id=721312 Summary: CVE-2011-2690 libpng: buffer overwrite in png_rgb_to_gray [epel-5] Product: Fedora EPEL Version: el5 Platform: All OS/Version: Linux Status: NEW Keywords: Security, SecurityTracking Severity: medium Priority: medium Component: mingw32-libpng AssignedTo: rjones(a)redhat.com ReportedBy: huzaifas(a)redhat.com QAContact: extras-qa(a)fedoraproject.org CC: lfarkas(a)lfarkas.org, rjones(a)redhat.com, fedora-mingw(a)lists.fedoraproject.org Blocks: 720607 Classification: Fedora Story Points: --- epel-5 tracking bug for mingw32-libpng: see blocks bug list for full details of the security issue(s). This bug is never intended to be made public, please put any public notes in the 'blocks' bugs. [bug automatically created by: add-tracking-bugs] -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

9 years, 7 months

1
4
0 / 0

[Bug 1086671] New: CVE-2013-7353 mingw-libpng: libpng: integer overflow leading to a heap-based buffer overflow in png_set_unknown_chunks() [fedora-19]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1086671 Bug ID: 1086671 Summary: CVE-2013-7353 mingw-libpng: libpng: integer overflow leading to a heap-based buffer overflow in png_set_unknown_chunks() [fedora-19] Product: Fedora Version: 19 Component: mingw-libpng Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: rjones(a)redhat.com Reporter: huzaifas(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, ktietz(a)redhat.com, lfarkas(a)lfarkas.org, rjones(a)redhat.com Blocks: 1086514 (CVE-2013-7353) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available. fedora-19 tracking bug for mingw-libpng: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1086514 [Bug 1086514] CVE-2013-7353 libpng: integer overflow leading to a heap-based buffer overflow in png_set_unknown_chunks() -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=dm32xSP5nD&a=cc_unsubscribe

9 years, 10 months

1
8
0 / 0

[Bug 1074648] New: CVE-2014-2240 mingw-freetype: freetype: OOB stack-based read/write in cf2_hintmap_build() [fedora-20]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1074648 Bug ID: 1074648 Summary: CVE-2014-2240 mingw-freetype: freetype: OOB stack-based read/write in cf2_hintmap_build() [fedora-20] Product: Fedora Version: 20 Component: mingw-freetype Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: rjones(a)redhat.com Reporter: vdanen(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, lfarkas(a)lfarkas.org, rjones(a)redhat.com Blocks: 1074646 (CVE-2014-2240) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available. fedora-20 tracking bug for mingw-freetype: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1074646 [Bug 1074646] CVE-2014-2240 freetype: OOB stack-based read/write in cf2_hintmap_build() -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=zK27i6Rkr1&a=cc_unsubscribe

9 years, 10 months

1
5
0 / 0

[Bug 1074649] New: CVE-2014-2240 mingw-freetype: freetype: OOB stack-based read/write in cf2_hintmap_build() [fedora-19]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1074649 Bug ID: 1074649 Summary: CVE-2014-2240 mingw-freetype: freetype: OOB stack-based read/write in cf2_hintmap_build() [fedora-19] Product: Fedora Version: 19 Component: mingw-freetype Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: rjones(a)redhat.com Reporter: vdanen(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, lfarkas(a)lfarkas.org, rjones(a)redhat.com Blocks: 1074646 (CVE-2014-2240) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available. fedora-19 tracking bug for mingw-freetype: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1074646 [Bug 1074646] CVE-2014-2240 freetype: OOB stack-based read/write in cf2_hintmap_build() -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=WvLZALxG0Q&a=cc_unsubscribe

9 years, 10 months

1
5
0 / 0

[Bug 1043744] New: CVE-2013-6425 mingw-pixman: pixman: integer underflow when handling trapezoids [fedora-all]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1043744 Bug ID: 1043744 Summary: CVE-2013-6425 mingw-pixman: pixman: integer underflow when handling trapezoids [fedora-all] Product: Fedora Version: 19 Component: mingw-pixman Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: rjones(a)redhat.com Reporter: huzaifas(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, lfarkas(a)lfarkas.org, rjones(a)redhat.com Blocks: 1037975 (CVE-2013-6425) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available. Please note: this issue affects multiple supported versions of Fedora. Only one tracking bug has been filed; please ensure that it is only closed when all affected versions are fixed. [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1037975 [Bug 1037975] CVE-2013-6425 pixman: integer underflow when handling trapezoids -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=owlZAibmE1&a=cc_unsubscribe

9 years, 10 months

1
8
0 / 0

[Bug 795426] New: cannot link with _ftime_s

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: cannot link with _ftime_s https://bugzilla.redhat.com/show_bug.cgi?id=795426 Summary: cannot link with _ftime_s Product: Fedora Version: rawhide Platform: Unspecified OS/Version: Unspecified Status: NEW Severity: unspecified Priority: unspecified Component: mingw32-gcc AssignedTo: rjones(a)redhat.com ReportedBy: cfergeau(a)redhat.com QAContact: extras-qa(a)fedoraproject.org CC: rjones(a)redhat.com, kalevlember(a)gmail.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org Classification: Fedora Story Points: --- Type: --- Regression: --- Mount Type: --- Documentation: --- // $ i686-w64-mingw32-gcc -Wimplicit-function-declaration ./ftime.c // // /tmp/ccdYAiqO.o:ftime.c:(.text+0x16): undefined reference to`_imp___ftime_s' // collect2: error: ld returned 1 exit status // // No warning, this means the function is declared in headers (gcc -E shows // it comes from sec_api/sys/timeb_s.h) but it's not available at link time. /* $ rpm -qa mingw32* mingw32-binutils-2.22.51-3.fc17_cross.x86_64 mingw32-gcc-4.7.0-0.3.20120123.fc16_cross.x86_64 mingw32-filesystem-92-1.fc18_cross.noarch mingw32-cpp-4.7.0-0.3.20120123.fc16_cross.x86_64 mingw32-headers-2.0.999-0.1.trunk.20120120.fc17_cross.noarch mingw32-crt-2.0.999-0.3.trunk.20120124.fc17_cross.noarch mingw32-gcc-c++-4.7.0-0.3.20120123.fc16_cross.x86_64 */ #include <stdlib.h> // for NULL #include <sys/timeb.h> int main(int argc, char **argv) { _ftime_s(NULL); return 0; } -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

9 years, 11 months

1
4
0 / 0

[Bug 1056858] New: CVE-2013-6954 mingw-libpng: libpng: unhandled zero-length PLTE chunk or NULL palette [fedora-19]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1056858 Bug ID: 1056858 Summary: CVE-2013-6954 mingw-libpng: libpng: unhandled zero-length PLTE chunk or NULL palette [fedora-19] Product: Fedora Version: 19 Component: mingw-libpng Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: rjones(a)redhat.com Reporter: huzaifas(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, ktietz(a)redhat.com, lfarkas(a)lfarkas.org, rjones(a)redhat.com Blocks: 1045561 (CVE-2013-6954) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available. fedora-19 tracking bug for mingw-libpng: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1045561 [Bug 1045561] CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or NULL palette -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=Un14vuFRae&a=cc_unsubscribe

9 years, 11 months

1
2
0 / 0

[Bug 858073] New: Review Request: mingw-qt5-qtpim - Qt5 for Windows - QtPim component

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=858073 Bug ID: 858073 QA Contact: extras-qa(a)fedoraproject.org Severity: unspecified Version: rawhide Priority: unspecified CC: fedora-mingw(a)lists.fedoraproject.org, notting(a)redhat.com, package-review(a)lists.fedoraproject.org Assignee: nobody(a)fedoraproject.org Summary: Review Request: mingw-qt5-qtpim - Qt5 for Windows - QtPim component Regression: --- Story Points: --- Classification: Fedora OS: Unspecified Reporter: erik-fedora(a)vanpienbroek.nl Type: Bug Documentation: --- Hardware: Unspecified Mount Type: --- Status: NEW Component: Package Review Product: Fedora Spec URL: http://svn.openftd.org/svn/fedora_cross/mingw-qt5-qtpim/mingw-qt5-qtpim.spec SRPM URL: http://ftd4linux.nl/contrib/mingw-qt5-qtpim-5.0.0-0.1.beta1.fc17.src.rpm Fedora Account System Username: epienbro Description: This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler. -- You are receiving this mail because: You are on the CC list for the bug.

9 years, 11 months

1
10
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

mingw April 2014