mingw January 2015

mingw@lists.fedoraproject.org

8 participants
75 discussions

[Bug 1177278] CVE-2014-8964 mingw-pcre: pcre: incorrect handling of zero-repeat assertion conditions [fedora-all]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1177278 Fedora Update System <updates(a)fedoraproject.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Fixed In Version|mingw-pcre-8.33-4.fc20 |mingw-pcre-8.35-1.fc21 --- Comment #13 from Fedora Update System <updates(a)fedoraproject.org> --- mingw-pcre-8.35-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=p3nH2jOxY1&a=cc_unsubscribe

9 years, 3 months

1
0
0 / 0

[Bug 1177278] CVE-2014-8964 mingw-pcre: pcre: incorrect handling of zero-repeat assertion conditions [fedora-all]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1177278 Fedora Update System <updates(a)fedoraproject.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Fixed In Version| |mingw-pcre-8.33-4.fc20 Resolution|--- |ERRATA Last Closed| |2015-01-05 02:34:08 --- Comment #12 from Fedora Update System <updates(a)fedoraproject.org> --- mingw-pcre-8.33-4.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=Or3OOWrbkP&a=cc_unsubscribe

9 years, 3 months

1
0
0 / 0

[Bug 1172633] New: freetype: OOB stack-based read/write in cf2_hintmap_build() (incomplete fix for CVE-2014-2240).

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1172633 Bug ID: 1172633 Summary: freetype: OOB stack-based read/write in cf2_hintmap_build() (incomplete fix for CVE-2014-2240). Product: Security Response Component: vulnerability Keywords: Security Severity: high Priority: high Assignee: security-response-team(a)redhat.com Reporter: vkaigoro(a)redhat.com CC: behdad(a)fedoraproject.org, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, fonts-bugs(a)lists.fedoraproject.org, kevin(a)tigcc.ticalc.org, lfarkas(a)lfarkas.org, mkasik(a)redhat.com, rjones(a)redhat.com It was reported [1] that Freetype before 2.5.4 suffers from an out-of-bounds stack-based read/write flaw in cf2_hintmap_build() in the CFF rasterizing code, which could lead to a buffer overflow. This is due to an incomplete fix for CVE-2014-2240. Upstream patch is at [2] Upstream bug with some additional info is at [3]. This new CFF handling code was introduced in Freetype 2.4.12 (new Type 2 interpreter and hinter); earlier versions are not affected. This is fixed in 2.5.4 [4]. [1]: https://bugs.mageia.org/show_bug.cgi?id=14771 [2]: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0eae6e... [3]: http://savannah.nongnu.org/bugs/?43661 [4]: http://sourceforge.net/projects/freetype/files/freetype2/2.5.4/ Statement: Not vulnerable. This issue did not affect the versions of freetype as shipped with Red Hat Enterprise Linux 5, 6 and 7. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=yLFKJV2zPY&a=cc_unsubscribe

9 years, 3 months

1
12
0 / 0

[Bug 1162578] New: CVE-2014-8501 mingw-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1162578 Bug ID: 1162578 Summary: CVE-2014-8501 mingw-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all] Product: Fedora Version: 20 Component: mingw-binutils Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: rjones(a)redhat.com Reporter: vkaigoro(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, kalevlember(a)gmail.com, ktietz(a)redhat.com, rjones(a)redhat.com Blocks: 1162570 (CVE-2014-8501) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported versions of Fedora. While only one tracking bug has been filed, please correct all affected versions at the same time. If you need to fix the versions independent of each other, you may clone this bug as appropriate. [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1162570 [Bug 1162570] CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=UaCDXMxyc2&a=cc_unsubscribe

9 years, 3 months

1
8
0 / 0

Version Discrepancy Report

by Michael Cronenworth

------------------------------------------ MinGW/native package version discrepancies ------------------------------------------ Fedora N Matches Found: 43 Fedora Rawhide Matches Found: 55 +---------------------------------------------+ | f21 | rawhide | owner | +------------------------------+---------------+---------------+-------------+ | adwaita-icon-theme | | 3.15.1 | | | mingw-adwaita-icon-theme | | 3.14.1 | rhughes | +------------------------------+---------------+---------------+-------------+ | atk | | 2.15.3 | | | mingw-atk | | 2.14.0 | epienbro | +------------------------------+---------------+---------------+-------------+ | cairo | 1.13.1 | 1.14.0 | | | mingw-cairo | 1.12.16 | 1.12.16 | rjones | +------------------------------+---------------+---------------+-------------+ | colorhug-client | | 0.2.5 | | | mingw-colorhug-client | | 0.2.4 | rhughes | +------------------------------+---------------+---------------+-------------+ | cxxtest | 4.4 | 4.4 | | | mingw-cxxtest | 3.10.1 | 3.10.1 | astokes | +------------------------------+---------------+---------------+-------------+ | dbus-glib | 0.100.2 | 0.100.2 | | | mingw-dbus-glib | 0.102 | 0.102 | greghellings | +------------------------------+---------------+---------------+-------------+ | freeimage | 3.10.0 | 3.10.0 | | | mingw-freeimage | 3.15.4 | 3.15.4 | smani | +------------------------------+---------------+---------------+-------------+ | gdb | 7.8.1 | 7.8.1 | | | mingw-gdb | 7.7 | 7.7 | kalev | +------------------------------+---------------+---------------+-------------+ | gdbm | 1.11 | 1.11 | | | mingw-gdbm | 1.10 | 1.10 | rjones | +------------------------------+---------------+---------------+-------------+ | gettext | 0.19.4 | 0.19.4 | | | mingw-gettext | 0.18.3.2 | 0.18.3.2 | rjones | +------------------------------+---------------+---------------+-------------+ | giflib | 4.1.6 | 4.1.6 | | | mingw-giflib | 5.0.5 | 5.0.5 | smani | +------------------------------+---------------+---------------+-------------+ | glib-networking | | 2.43.1 | | | mingw-glib-networking | | 2.42.0 | kalev | +------------------------------+---------------+---------------+-------------+ | glib2 | | 2.43.2 | | | mingw-glib2 | | 2.42.1 | epienbro | +------------------------------+---------------+---------------+-------------+ | glibmm24 | | 2.43.2 | | | mingw-glibmm24 | | 2.42.0 | sailer | +------------------------------+---------------+---------------+-------------+ | gtk3 | 3.14.6 | 3.15.3 | | | mingw-gtk3 | 3.14.5 | 3.14.5 | kalev | +------------------------------+---------------+---------------+-------------+ | gtkhtml3 | 4.8.5 | 4.8.5 | | | mingw-gtkhtml3 | 4.6.6 | 4.6.6 | epienbro | +------------------------------+---------------+---------------+-------------+ | gtkmm30 | | 3.15.3 | | | mingw-gtkmm30 | | 3.14.0 | kalev | +------------------------------+---------------+---------------+-------------+ | gtksourceview3 | | 3.15.2 | | | mingw-gtksourceview3 | | 3.14.2 | kalev | +------------------------------+---------------+---------------+-------------+ | hicolor-icon-theme | 0.14 | 0.14 | | | mingw-hicolor-icon-theme | 0.13 | 0.13 | rhughes | +------------------------------+---------------+---------------+-------------+ | hunspell | 1.3.3 | 1.3.3 | | | mingw-hunspell | 1.3.2 | 1.3.2 | epienbro | +------------------------------+---------------+---------------+-------------+ | icu | 52.1 | 53.1 | | | mingw-icu | 50.1.2 | 50.1.2 | pfor | +------------------------------+---------------+---------------+-------------+ | libffi | 3.1 | 3.1 | | | mingw-libffi | 3.0.13 | 3.0.13 | bonzini | +------------------------------+---------------+---------------+-------------+ | libgpg-error | 1.13 | 1.16 | | | mingw-libgpg-error | 1.12 | 1.12 | rjones | +------------------------------+---------------+---------------+-------------+ | libgsf | 1.14.29 | 1.14.29 | | | mingw-libgsf | 1.14.30 | 1.14.30 | greghellings | +------------------------------+---------------+---------------+-------------+ | libidn | | 1.29 | | | mingw-libidn | | 1.28 | epienbro | +------------------------------+---------------+---------------+-------------+ | libjpeg-turbo | | 1.3.90 | | | mingw-libjpeg-turbo | | 1.3.1 | epienbro | +------------------------------+---------------+---------------+-------------+ | libogg | | 1.3.2 | | | mingw-libogg | | 1.3.0 | kraxel | +------------------------------+---------------+---------------+-------------+ | libosinfo | 0.2.11 | 0.2.11 | | | mingw-libosinfo | 0.2.8 | 0.2.8 | berrange | +------------------------------+---------------+---------------+-------------+ | libpng | | 1.6.14 | | | mingw-libpng | | 1.6.10 | rjones | +------------------------------+---------------+---------------+-------------+ | libsigsegv | 2.10 | 2.10 | | | mingw-libsigsegv | 2.6 | 2.6 | bonzini | +------------------------------+---------------+---------------+-------------+ | libsoup | 2.48.1 | 2.49.1 | | | mingw-libsoup | 2.48.0 | 2.48.0 | epienbro | +------------------------------+---------------+---------------+-------------+ | llvm | 3.5.0 | 3.5.0 | | | mingw-llvm | 3.0 | 3.0 | brouhaha | +------------------------------+---------------+---------------+-------------+ | openjpeg | 1.5.1 | 1.5.1 | | | mingw-openjpeg | 1.5.2 | 1.5.2 | smani | +------------------------------+---------------+---------------+-------------+ | qpid-cpp | 0.30 | 0.30 | | | mingw-qpid-cpp | 0.14 | 0.14 | beekhof | +------------------------------+---------------+---------------+-------------+ | qt5-qtdeclarative | 5.4.0 | 5.4.0 | | | mingw-qt5-qtdeclarative | 5.3.2 | 5.3.2 | epienbro | +------------------------------+---------------+---------------+-------------+ | qt5-qtgraphicaleffects | 5.4.0 | 5.4.0 | | | mingw-qt5-qtgraphicaleffects | 5.3.2 | 5.3.2 | epienbro | +------------------------------+---------------+---------------+-------------+ | qt5-qtimageformats | 5.4.0 | 5.4.0 | | | mingw-qt5-qtimageformats | 5.3.2 | 5.3.2 | epienbro | +------------------------------+---------------+---------------+-------------+ | qt5-qtlocation | 5.4.0 | 5.4.0 | | | mingw-qt5-qtlocation | 5.3.2 | 5.3.2 | epienbro | +------------------------------+---------------+---------------+-------------+ | qt5-qtmultimedia | 5.4.0 | 5.4.0 | | | mingw-qt5-qtmultimedia | 5.3.2 | 5.3.2 | epienbro | +------------------------------+---------------+---------------+-------------+ | qt5-qtquick1 | 5.4.0 | 5.4.0 | | | mingw-qt5-qtquick1 | 5.3.2 | 5.3.2 | epienbro | +------------------------------+---------------+---------------+-------------+ | qt5-qtscript | 5.4.0 | 5.4.0 | | | mingw-qt5-qtscript | 5.3.2 | 5.3.2 | epienbro | +------------------------------+---------------+---------------+-------------+ | qt5-qtsensors | 5.4.0 | 5.4.0 | | | mingw-qt5-qtsensors | 5.3.2 | 5.3.2 | epienbro | +------------------------------+---------------+---------------+-------------+ | qt5-qtsvg | 5.4.0 | 5.4.0 | | | mingw-qt5-qtsvg | 5.3.2 | 5.3.2 | epienbro | +------------------------------+---------------+---------------+-------------+ | qt5-qttools | 5.4.0 | 5.4.0 | | | mingw-qt5-qttools | 5.3.2 | 5.3.2 | epienbro | +------------------------------+---------------+---------------+-------------+ | qt5-qttranslations | 5.4.0 | 5.4.0 | | | mingw-qt5-qttranslations | 5.3.2 | 5.3.2 | epienbro | +------------------------------+---------------+---------------+-------------+ | qt5-qtwebkit | 5.4.0 | 5.4.0 | | | mingw-qt5-qtwebkit | 5.3.2 | 5.3.2 | epienbro | +------------------------------+---------------+---------------+-------------+ | qwt | 6.1.1 | 6.1.2 | | | mingw-qwt | 6.1.0 | 6.1.1 | sailer | +------------------------------+---------------+---------------+-------------+ | readline | 6.3 | 6.3 | | | mingw-readline | 6.2 | 6.2 | rjones | +------------------------------+---------------+---------------+-------------+ | shapelib | 1.3.0f | 1.3.0f | | | mingw-shapelib | 1.3.0 | 1.3.0 | smani | +------------------------------+---------------+---------------+-------------+ | spice-protocol | 0.12.7 | 0.12.7 | | | mingw-spice-protocol | 0.12.4 | 0.12.4 | kraxel | +------------------------------+---------------+---------------+-------------+ | sqlite | 3.8.7.4 | 3.8.7.4 | | | mingw-sqlite | 3.8.4.3 | 3.8.4.3 | rjones | +------------------------------+---------------+---------------+-------------+ | tk | 8.6.3 | 8.6.3 | | | mingw-tk | 8.6.1 | 8.6.1 | roma | +------------------------------+---------------+---------------+-------------+ | usbredir | 0.7 | 0.7 | | | mingw-usbredir | 0.6 | 0.6 | elmarco | +------------------------------+---------------+---------------+-------------+ | webkitgtk | 2.4.7 | 2.4.7 | | | mingw-webkitgtk | 2.2.8 | 2.2.8 | epienbro | +------------------------------+---------------+---------------+-------------+ | webkitgtk3 | 2.4.7 | 2.4.7 | | | mingw-webkitgtk3 | 2.2.8 | 2.2.8 | kalev | +------------------------------+---------------+---------------+-------------+

9 years, 3 months

1
0
0 / 0

← Newer
1
2
3
4
5
6
7
8
Older →

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

mingw January 2015