May 2014 - mingw - Fedora Mailing-Lists

[Bug 1045561] CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or NULL palette

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1045561 Bug 1045561 depends on bug 1056858, which changed state. Bug 1056858 Summary: CVE-2013-6954 mingw-libpng: libpng: unhandled zero-length PLTE chunk or NULL palette [fedora-19] https://bugzilla.redhat.com/show_bug.cgi?id=1056858 What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |RAWHIDE -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=dujwixQ9Xd&a=cc_unsubscribe

9 years, 11 months

1
0
0 / 0

[Bug 1056858] New: CVE-2013-6954 mingw-libpng: libpng: unhandled zero-length PLTE chunk or NULL palette [fedora-19]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1056858 Bug ID: 1056858 Summary: CVE-2013-6954 mingw-libpng: libpng: unhandled zero-length PLTE chunk or NULL palette [fedora-19] Product: Fedora Version: 19 Component: mingw-libpng Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: rjones(a)redhat.com Reporter: huzaifas(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, ktietz(a)redhat.com, lfarkas(a)lfarkas.org, rjones(a)redhat.com Blocks: 1045561 (CVE-2013-6954) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available. fedora-19 tracking bug for mingw-libpng: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1045561 [Bug 1045561] CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or NULL palette -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=Un14vuFRae&a=cc_unsubscribe

9 years, 11 months

1
2
0 / 0

[Bug 1045561] CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or NULL palette

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1045561 Bug 1045561 depends on bug 1056853, which changed state. Bug 1056853 Summary: CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or NULL palette [fedora-20] https://bugzilla.redhat.com/show_bug.cgi?id=1056853 What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=G1wvSSD9Hq&a=cc_unsubscribe

9 years, 11 months

1
0
0 / 0

[Bug 1057909] Review Request: mingw-qt5-qtquickcontrols - Qt5 for Windows - QtQuickControls component

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1057909 --- Comment #2 from Erik van Pienbroek <erik-fedora(a)vanpienbroek.nl> --- Updated Spec URL: http://svn.nntpgrab.nl/svn/fedora_cross/mingw-qt5-qtquickcontrols/mingw-q... Updated SRPM URL: http://koji.vanpienbroek.nl/kojifiles/packages/mingw-qt5-qtquickcontrols/... Koji scratch build: https://koji.vanpienbroek.nl/koji/buildinfo?buildID=210 * Sun May 25 2014 Erik van Pienbroek <epienbro(a)fedoraproject.org> - 5.3.0-1 - Update to 5.3.0 - Make sure the .dll.a files are included in the main packages -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=pNoryCWgaj&a=cc_unsubscribe

9 years, 11 months

1
0
0 / 0

[Bug 858073] New: Review Request: mingw-qt5-qtpim - Qt5 for Windows - QtPim component

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=858073 Bug ID: 858073 QA Contact: extras-qa(a)fedoraproject.org Severity: unspecified Version: rawhide Priority: unspecified CC: fedora-mingw(a)lists.fedoraproject.org, notting(a)redhat.com, package-review(a)lists.fedoraproject.org Assignee: nobody(a)fedoraproject.org Summary: Review Request: mingw-qt5-qtpim - Qt5 for Windows - QtPim component Regression: --- Story Points: --- Classification: Fedora OS: Unspecified Reporter: erik-fedora(a)vanpienbroek.nl Type: Bug Documentation: --- Hardware: Unspecified Mount Type: --- Status: NEW Component: Package Review Product: Fedora Spec URL: http://svn.openftd.org/svn/fedora_cross/mingw-qt5-qtpim/mingw-qt5-qtpim.spec SRPM URL: http://ftd4linux.nl/contrib/mingw-qt5-qtpim-5.0.0-0.1.beta1.fc17.src.rpm Fedora Account System Username: epienbro Description: This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler. -- You are receiving this mail because: You are on the CC list for the bug.

9 years, 11 months

1
10
0 / 0

[Bug 858065] New: Review Request: mingw-qt5-qtfeedback - Qt5 for Windows - QtFeedback component

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=858065 Bug ID: 858065 QA Contact: extras-qa(a)fedoraproject.org Severity: unspecified Version: rawhide Priority: unspecified CC: fedora-mingw(a)lists.fedoraproject.org, notting(a)redhat.com, package-review(a)lists.fedoraproject.org Assignee: nobody(a)fedoraproject.org Summary: Review Request: mingw-qt5-qtfeedback - Qt5 for Windows - QtFeedback component Regression: --- Story Points: --- Classification: Fedora OS: Unspecified Reporter: erik-fedora(a)vanpienbroek.nl Type: Bug Documentation: --- Hardware: Unspecified Mount Type: --- Status: NEW Component: Package Review Product: Fedora Spec URL: http://svn.openftd.org/svn/fedora_cross/mingw-qt5-qtfeedback/mingw-qt5-qt... SRPM URL: http://ftd4linux.nl/contrib/mingw-qt5-qtfeedback-5.0.0-0.1.beta1.fc17.src... Fedora Account System Username: epienbro Description: This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler. -- You are receiving this mail because: You are on the CC list for the bug.

9 years, 11 months

1
11
0 / 0

[Bug 1095664] New: Crash in g_type_free_instance for instance objects at an address > 4GB on win64

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1095664 Bug ID: 1095664 Summary: Crash in g_type_free_instance for instance objects at an address > 4GB on win64 Product: Fedora Version: 20 Component: mingw-glib2 Severity: medium Assignee: rjones(a)redhat.com Reporter: bernhard.loos(a)ruecker.de QA Contact: extras-qa(a)fedoraproject.org CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, kalevlember(a)gmail.com, lfarkas(a)lfarkas.org, marcandre.lureau(a)redhat.com, rjones(a)redhat.com, t.sailer(a)alumni.ethz.ch Description of problem: For some reason, glib2 is compiled with valgrind support. This leads to a special code sequence to check if valgrind is running. Among other things, this code sequence also contains an xchg ebx, ebx instruction. In g_type_free_instance, the address of the memory to be freed is stored in rbx, and the xchg ebx,ebx zeros out the upper 32bit of the address. This has no effect for most programs, but for large programs which use more then 4GB of memory, it will lead to suprise crashes. IMPORTANT: The valgrind check only happens for types with private data. Adding NVALGRIND=1 to the compiler defines disables valgrind support and fixes the problem. Version-Release number of selected component (if applicable): mingw64-glib2-2.38.2-1.fc20 How reproducible: always Steps to Reproduce: 1. Use loads of memory 2. create a GTypeInstance (with private data or the bug won't trigger) at an address > 4GB. Most GObject types should also work 3. free the instance with g_type_free_instance (or g_object_unref) 4. -> crash -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=KFtUOGV4mk&a=cc_unsubscribe

9 years, 11 months

1
14
0 / 0

[Bug 1077023] CVE-2014-2524 readline: insecure temporary file use in _rl_tropen()

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1077023 --- Comment #7 from Tomas Hoger <thoger(a)redhat.com> --- Fixed upstream in 6.3 patch 3 by making the code only get compiled in when building with -DDEBUG. http://lists.gnu.org/archive/html/bug-readline/2014-03/msg00057.html http://git.savannah.gnu.org/cgit/readline.git/commit/?id=8408f86 ftp://ftp.cwru.edu/pub/bash/readline-6.3-patches/readline63-003 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=zIKxd8qBqA&a=cc_unsubscribe

9 years, 11 months

1
0
0 / 0

[Bug 1045561] CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or NULL palette

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1045561 Bug 1045561 depends on bug 1056855, which changed state. Bug 1056855 Summary: CVE-2013-6954 libpng15: libpng: unhandled zero-length PLTE chunk or NULL palette [fedora-20] https://bugzilla.redhat.com/show_bug.cgi?id=1056855 What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |CURRENTRELEASE -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=X95ZHbt1EM&a=cc_unsubscribe

9 years, 11 months

1
0
0 / 0

[Bug 1077023] CVE-2014-2524 readline: insecure temporary file use in _rl_tropen()

by Red Hat Bugzilla

9 years, 11 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

mingw May 2014