June 2014 - mingw - Fedora Mailing-Lists

Mingw-w64 toolchain now available for RHEL7/CentOS7 (using EPEL)

by Erik van Pienbroek

Hi, Some days ago Red Hat Enterprise Linux 7 was released. I'm glad to announce that a large subset of all mingw packages which are in Fedora are now also available in EPEL7 (the community supported set of additional packages for RHEL7 and CentOS7). The mingw packages which are now available in EPEL7 are the most recent stable releases of the most popular packages. This includes the core packages of the GNOME 3.12 stack (up to and including webkitgtk) and the entire Qt 4.8.6 and 5.3 stacks. The toolchain itself consists of binutils 2.24, gcc 4.9 and mingw-w64 trunk git b8e816 (dated 20140530). To install these packages, just install RHEL7 (or CentOS7 once it becomes available) and enable EPEL7 by installing http://download.fedoraproject.org/pub/epel/beta/7/x86_64/epel-release-7-0... Afterwards the mingw packages can be installed in the exact same way as is done for regular Fedora environments. For those new to using mingw-w64 on Fedora or RHEL a tutorial can be found at https://fedoraproject.org/wiki/MinGW/Tutorial Here's the entire list of mingw packages which are currently available on EPEL7: mingw-SDL-1.2.15-3.el7 mingw-SDL_image-1.2.12-8.el7 mingw-SDL_mixer-1.2.12-3.el7 mingw-angleproject-0-0.9.svn2215.20130517.el7 mingw-atk-2.12.0-1.el7 mingw-binutils-2.24-1.el7 mingw-boost-1.54.0-1.el7 mingw-bzip2-1.0.6-3.el7 mingw-cairo-1.12.16-2.el7 mingw-crt-3.1.999-0.10.trunk.gitb8e816.20140530.el7 mingw-curl-7.37.0-1.el7 mingw-dbus-1.6.12-1.el7 mingw-enchant-1.6.0-8.el7 mingw-expat-2.1.0-4.el7 mingw-filesystem-99-4.el7 mingw-flac-1.3.0-2.el7 mingw-fontconfig-2.11.1-1.el7 mingw-freetype-2.5.3-1.el7 mingw-gcc-4.9.0-1.el7 mingw-gdb-7.7-1.el7 mingw-gdk-pixbuf-2.30.8-1.el7 mingw-gettext-0.18.3.2-1.el7 mingw-glib-networking-2.38.2-2.el7 mingw-glib2-2.40.0-3.el7 mingw-gmp-5.1.1-3.el7 mingw-gnutls-3.3.2-2.el7 mingw-gstreamer1-1.3.2-1.el7 mingw-gstreamer1-plugins-base-1.3.2-1.el7 mingw-gtk2-2.24.23-1.el7 mingw-gtk3-3.12.2-1.el7 mingw-harfbuzz-0.9.28-1.el7 mingw-headers-3.1.999-0.10.trunk.gitb8e816.20140530.el7 mingw-hunspell-1.3.2-9.el7 mingw-icu-50.1.2-3.el7 mingw-jasper-1.900.1-21.el7 mingw-libffi-3.0.13-4.el7 mingw-libgcrypt-1.6.1-1.el7 mingw-libgpg-error-1.12-1.el7 mingw-libidn-1.28-2.el7 mingw-libjpeg-turbo-1.3.1-2.el7 mingw-libogg-1.3.0-4.el7 mingw-libpng-1.6.10-1.el7 mingw-libsoup-2.46.0-1.el7 mingw-libssh2-1.4.3-1.el7 mingw-libtasn1-3.6-1.el7 mingw-libtiff-4.0.3-4.el7 mingw-libvorbis-1.3.4-1.el7 mingw-libwebp-0.2.1-2.el7 mingw-libxml2-2.9.1-3.el7 mingw-libxslt-1.1.28-2.el7 mingw-nettle-2.7.1-2.el7 mingw-openssl-1.0.1e-6.el7 mingw-p11-kit-0.20.2-3.el7 mingw-pango-1.36.3-1.el7 mingw-pcre-8.34-1.el7 mingw-pdcurses-3.4-14.el7 mingw-pixman-0.32.0-1.el7 mingw-pkg-config-0.28-2.el7 mingw-postgresql-9.3.4-2.el7 mingw-qt-4.8.6-3.el7 mingw-qt5-qt3d-5.0.0-0.12.git20140525.bdb98ba.el7 mingw-qt5-qtbase-5.3.0-2.el7 mingw-qt5-qtdeclarative-5.3.0-2.el7 mingw-qt5-qtgraphicaleffects-5.3.0-2.el7 mingw-qt5-qtimageformats-5.3.0-2.el7 mingw-qt5-qtlocation-5.3.0-2.el7 mingw-qt5-qtmultimedia-5.3.0-2.el7 mingw-qt5-qtquick1-5.3.0-2.el7 mingw-qt5-qtscript-5.3.0-2.el7 mingw-qt5-qtsensors-5.3.0-2.el7 mingw-qt5-qtsvg-5.3.0-2.el7 mingw-qt5-qtsystems-5.0.0-0.14.git20140323.3f65ffa.el7 mingw-qt5-qttools-5.3.0-3.el7 mingw-qt5-qttranslations-5.3.0-1.el7 mingw-qt5-qtwebkit-5.3.0-2.el7 mingw-readline-6.2-4.el7 mingw-sqlite-3.8.4.3-1.el7 mingw-tcl-8.5.15-2.el7 mingw-termcap-1.3.1-15.el7 mingw-w64-tools-3.1.999-0.3.trunk.git502c72.20140524.el7 mingw-webkitgtk-2.2.7-2.el7 mingw-webkitgtk3-2.2.7-2.el7 mingw-win-iconv-0.0.6-1.el7 mingw-winpthreads-3.1.999-0.5.trunk.git502c72.20140524.el7 mingw-winstorecompat-3.1.999-0.1.trunk.git502c72.20140524.el7 mingw-xz-5.1.2-3alpha.el7 mingw-zlib-1.2.8-2.el7 Is your favorite package missing from this list and you want to have it available in EPEL7? Then there are some options: If the package is already in Fedora: - If you're a regular user then you can file a bug at http://bugzilla.redhat.com against the Fedora package in question where you ask the package maintainer if they're interested in making the package available for EPEL7 - If you're the package maintainer of the package in question then use https://fedoraproject.org/wiki/EPEL/epel7/Requests to request an epel7 branch for your package If the package is not in Fedora yet and you're willing to maintain it: - Write a RPM .spec file which follows the guidelines at https://fedoraproject.org/wiki/Packaging:MinGW and put it up for review using the instructions which can be found at https://fedoraproject.org/wiki/PackageMaintainers/Join Regards, Erik van Pienbroek Fedora MinGW SIG

9 years, 10 months

1
0
0 / 0

[Bug 1045561] CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or NULL palette

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1045561 --- Comment #32 from errata-xmlrpc <errata-xmlrpc(a)redhat.com> --- This issue has been addressed in following products: Via RHSA-2014:0705 https://rhn.redhat.com/errata/RHSA-2014-0705.html -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=TdVbu5HEpT&a=cc_unsubscribe

9 years, 10 months

1
0
0 / 0

[Bug 1031734] CVE-2013-6629 libjpeg: information leak (read of uninitialized memory)

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1031734 --- Comment #21 from errata-xmlrpc <errata-xmlrpc(a)redhat.com> --- This issue has been addressed in following products: Via RHSA-2014:0705 https://rhn.redhat.com/errata/RHSA-2014-0705.html -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=Ia4GgHp3S8&a=cc_unsubscribe

9 years, 10 months

1
0
0 / 0

[Bug 1086671] New: CVE-2013-7353 mingw-libpng: libpng: integer overflow leading to a heap-based buffer overflow in png_set_unknown_chunks() [fedora-19]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1086671 Bug ID: 1086671 Summary: CVE-2013-7353 mingw-libpng: libpng: integer overflow leading to a heap-based buffer overflow in png_set_unknown_chunks() [fedora-19] Product: Fedora Version: 19 Component: mingw-libpng Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: rjones(a)redhat.com Reporter: huzaifas(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, ktietz(a)redhat.com, lfarkas(a)lfarkas.org, rjones(a)redhat.com Blocks: 1086514 (CVE-2013-7353) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available. fedora-19 tracking bug for mingw-libpng: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1086514 [Bug 1086514] CVE-2013-7353 libpng: integer overflow leading to a heap-based buffer overflow in png_set_unknown_chunks() -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=dm32xSP5nD&a=cc_unsubscribe

9 years, 10 months

1
8
0 / 0

[Bug 1074646] CVE-2014-2240 CVE-2014-2241 freetype: OOB stack-based read/write in cf2_hintmap_build()

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1074646 Bug 1074646 depends on bug 1074648, which changed state. Bug 1074648 Summary: CVE-2014-2240 mingw-freetype: freetype: OOB stack-based read/write in cf2_hintmap_build() [fedora-20] https://bugzilla.redhat.com/show_bug.cgi?id=1074648 What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=VjShNVGVRV&a=cc_unsubscribe

9 years, 10 months

1
0
0 / 0

[Bug 1074648] New: CVE-2014-2240 mingw-freetype: freetype: OOB stack-based read/write in cf2_hintmap_build() [fedora-20]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1074648 Bug ID: 1074648 Summary: CVE-2014-2240 mingw-freetype: freetype: OOB stack-based read/write in cf2_hintmap_build() [fedora-20] Product: Fedora Version: 20 Component: mingw-freetype Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: rjones(a)redhat.com Reporter: vdanen(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, lfarkas(a)lfarkas.org, rjones(a)redhat.com Blocks: 1074646 (CVE-2014-2240) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available. fedora-20 tracking bug for mingw-freetype: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1074646 [Bug 1074646] CVE-2014-2240 freetype: OOB stack-based read/write in cf2_hintmap_build() -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=zK27i6Rkr1&a=cc_unsubscribe

9 years, 10 months

1
5
0 / 0

[Bug 1031749] CVE-2013-6630 libjpeg: information leak (read of uninitialized memory)

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1031749 Bug 1031749 depends on bug 1031740, which changed state. Bug 1031740 Summary: CVE-2013-6629 CVE-2013-6630 mingw-libjpeg-turbo: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1031740 What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=HHWt0QO84E&a=cc_unsubscribe

9 years, 10 months

1
0
0 / 0

[Bug 1031734] CVE-2013-6629 libjpeg: information leak (read of uninitialized memory)

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1031734 Bug 1031734 depends on bug 1031740, which changed state. Bug 1031740 Summary: CVE-2013-6629 CVE-2013-6630 mingw-libjpeg-turbo: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1031740 What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=7QFSmZcyrU&a=cc_unsubscribe

9 years, 10 months

1
0
0 / 0

[Bug 1074646] CVE-2014-2240 CVE-2014-2241 freetype: OOB stack-based read/write in cf2_hintmap_build()

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1074646 Bug 1074646 depends on bug 1074649, which changed state. Bug 1074649 Summary: CVE-2014-2240 mingw-freetype: freetype: OOB stack-based read/write in cf2_hintmap_build() [fedora-19] https://bugzilla.redhat.com/show_bug.cgi?id=1074649 What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=QmtkfQLd4i&a=cc_unsubscribe

9 years, 10 months

1
0
0 / 0

[Bug 1074649] New: CVE-2014-2240 mingw-freetype: freetype: OOB stack-based read/write in cf2_hintmap_build() [fedora-19]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1074649 Bug ID: 1074649 Summary: CVE-2014-2240 mingw-freetype: freetype: OOB stack-based read/write in cf2_hintmap_build() [fedora-19] Product: Fedora Version: 19 Component: mingw-freetype Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: rjones(a)redhat.com Reporter: vdanen(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, lfarkas(a)lfarkas.org, rjones(a)redhat.com Blocks: 1074646 (CVE-2014-2240) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available. fedora-19 tracking bug for mingw-freetype: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1074646 [Bug 1074646] CVE-2014-2240 freetype: OOB stack-based read/write in cf2_hintmap_build() -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=WvLZALxG0Q&a=cc_unsubscribe

9 years, 10 months

1
5
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

mingw June 2014