[Bug 1045561] CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or NULL palette
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1045561
Vincent Danen <vdanen(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=low,public=20131219, |impact=low,public=20131219,
|reported=20131220,source=su |reported=20131220,source=su
|se,cvss2=4.3/AV:N/AC:M/Au:N |se,cvss2=4.3/AV:N/AC:M/Au:N
|/C:N/I:N/A:P,fedora-20/libp |/C:N/I:N/A:P,fedora-20/libp
|ng=affected,fedora-19/libpn |ng=affected,fedora-19/libpn
|g=affected,fedora-20/libpng |g=affected,fedora-20/libpng
|15=affected,fedora-all/libp |15=affected,fedora-all/libp
|ng12=affected,fedora-all/li |ng12=affected,fedora-all/li
|bpng10=affected,fedora-19/m |bpng10=affected,fedora-19/m
|ingw-libpng=affected,fedora |ingw-libpng=affected,fedora
|-20/mingw-libpng=affected,e |-20/mingw-libpng=affected,e
|pel-all/mingw32-libpng=affe |pel-all/mingw32-libpng=affe
|cted,epel-6/libpng10=affect |cted,epel-6/libpng10=affect
|ed,rhel-5/libpng=notaffecte |ed,rhel-5/libpng=notaffecte
|d,rhel-6/libpng=notaffected |d,rhel-6/libpng=notaffected
|,rhel-7/libpng=affected,rhe |,rhel-7/libpng=notaffected,
|l-7/libpng12=notaffected,rh |rhel-7/libpng12=notaffected
|el-5/java-1.5.0-ibm=notaffe |,rhel-5/java-1.5.0-ibm=nota
|cted,rhel-6/java-1.5.0-ibm= |ffected,rhel-6/java-1.5.0-i
|notaffected,rhel-5/java-1.6 |bm=notaffected,rhel-5/java-
|.0-ibm=affected,rhel-6/java |1.6.0-ibm=affected,rhel-6/j
|-1.6.0-ibm=affected,rhel-5/ |ava-1.6.0-ibm=affected,rhel
|java-1.7.0-ibm=affected,rhe |-5/java-1.7.0-ibm=affected,
|l-6/java-1.7.0-ibm=affected |rhel-6/java-1.7.0-ibm=affec
| |ted
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=I7HLyrbko5&a=cc_unsubscribe
8 years, 6 months
[Bug 1037975] CVE-2013-6425 pixman: integer underflow when handling trapezoids
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1037975
Vincent Danen <vdanen(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=important,public=201 |impact=important,public=201
|30716,reported=20131204,sou |30716,reported=20131204,sou
|rce=oss-security,cvss2=6.8/ |rce=oss-security,cvss2=6.8/
|AV:N/AC:M/Au:N/C:P/I:P/A:P, |AV:N/AC:M/Au:N/C:P/I:P/A:P,
|fedora-all/pixman=affected, |fedora-all/pixman=affected,
|fedora-all/mingw-pixman=aff |fedora-all/mingw-pixman=aff
|ected,epel-5/mingw32-pixman |ected,epel-5/mingw32-pixman
|=affected,rhel-5/pixman=aff |=affected,rhel-5/pixman=aff
|ected,rhel-5/qpixman=notaff |ected,rhel-5/qpixman=notaff
|ected,rhel-6/pixman=affecte |ected,rhel-6/pixman=affecte
|d,rhel-7/pixman=affected,cw |d,rhel-7/pixman=notaffected
|e=CWE-190 |,cwe=CWE-190
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=gNttSXVgcl&a=cc_unsubscribe
8 years, 6 months
[Bug 1031749] CVE-2013-6630 libjpeg: information leak (read of uninitialized memory)
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1031749
Vincent Danen <vdanen(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2013 |impact=moderate,public=2013
|1112,reported=20131114,sour |1112,reported=20131114,sour
|ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/
|AC:M/Au:N/C:P/I:N/A:N,rhel- |AC:M/Au:N/C:P/I:N/A:N,rhel-
|5/libjpeg=notaffected,rhel- |5/libjpeg=notaffected,rhel-
|6/libjpeg-turbo=affected,rh |6/libjpeg-turbo=affected,rh
|ev-h/libjpeg=affected,fedor |ev-h/libjpeg=affected,fedor
|a-all/libjpeg-turbo=affecte |a-all/libjpeg-turbo=affecte
|d,rhel-7/libjpeg-turbo=affe |d,rhel-7/libjpeg-turbo=nota
|cted,fedora-all/mingw-libjp |ffected,fedora-all/mingw-li
|eg-turbo=affected,epel-5/mi |bjpeg-turbo=affected,epel-5
|ngw32-libjpeg=affected,cwe= |/mingw32-libjpeg=affected,c
|CWE-456 |we=CWE-456
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=gSiQ3kf9VI&a=cc_unsubscribe
8 years, 6 months
[Bug 1031734] CVE-2013-6629 libjpeg: information leak (read of uninitialized memory)
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1031734
Vincent Danen <vdanen(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2013 |impact=moderate,public=2013
|1112,reported=20131114,sour |1112,reported=20131114,sour
|ce=internet,cvss2=4.3/AV:N/ |ce=internet,cvss2=4.3/AV:N/
|AC:M/Au:N/C:P/I:N/A:N,rhel- |AC:M/Au:N/C:P/I:N/A:N,rhel-
|5/libjpeg=affected,rhel-6/l |5/libjpeg=affected,rhel-6/l
|ibjpeg-turbo=affected,rhev- |ibjpeg-turbo=affected,rhev-
|h/libjpeg=affected,fedora-a |h/libjpeg=affected,fedora-a
|ll/libjpeg-turbo=affected,r |ll/libjpeg-turbo=affected,r
|hel-7/libjpeg-turbo=affecte |hel-7/libjpeg-turbo=notaffe
|d,fedora-all/mingw-libjpeg- |cted,fedora-all/mingw-libjp
|turbo=affected,epel-5/mingw |eg-turbo=affected,epel-5/mi
|32-libjpeg=affected,rhel-5/ |ngw32-libjpeg=affected,rhel
|java-1.5.0-ibm=notaffected, |-5/java-1.5.0-ibm=notaffect
|rhel-6/java-1.5.0-ibm=notaf |ed,rhel-6/java-1.5.0-ibm=no
|fected,rhel-5/java-1.6.0-ib |taffected,rhel-5/java-1.6.0
|m=affected,rhel-6/java-1.6. |-ibm=affected,rhel-6/java-1
|0-ibm=affected,rhel-5/java- |.6.0-ibm=affected,rhel-5/ja
|1.7.0-ibm=affected,rhel-6/j |va-1.7.0-ibm=affected,rhel-
|ava-1.7.0-ibm=affected,cwe= |6/java-1.7.0-ibm=affected,c
|CWE-456 |we=CWE-456
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=rU71zDKvQI&a=cc_unsubscribe
8 years, 6 months
Version Discrepancy Report
by Michael Cronenworth
------------------------------------------
MinGW/native package version discrepancies
------------------------------------------
Fedora N Matches Found: 47
Fedora Rawhide Matches Found: 52
+---------------------------------------------+
| f23 | rawhide | owner |
+-----------------------+---------------+---------------+-------------+
| binutils | | 2.25.1 | |
| mingw-binutils | | 2.25 | epienbro |
+-----------------------+---------------+---------------+-------------+
| colord | 1.2.12 | 1.2.12 | |
| mingw-colord | 1.2.9 | 1.2.9 | rhughes |
+-----------------------+---------------+---------------+-------------+
| colorhug-client | 0.2.7 | 0.2.7 | |
| mingw-colorhug-client | 0.2.6 | 0.2.6 | rhughes |
+-----------------------+---------------+---------------+-------------+
| curl | 7.43.0 | 7.44.0 | |
| mingw-curl | 7.42.0 | 7.42.0 | epienbro |
+-----------------------+---------------+---------------+-------------+
| cxxtest | 4.4 | 4.4 | |
| mingw-cxxtest | 3.10.1 | 3.10.1 | astokes |
+-----------------------+---------------+---------------+-------------+
| dbus | 1.10.0 | 1.10.0 | |
| mingw-dbus | 1.8.16 | 1.8.16 | ivanromanov |
+-----------------------+---------------+---------------+-------------+
| freeglut | 3.0.0 | 3.0.0 | |
| mingw-freeglut | 2.8.1 | 2.8.1 | rjones |
+-----------------------+---------------+---------------+-------------+
| freeimage | 3.17.0 | 3.17.0 | |
| mingw-freeimage | 3.15.4 | 3.15.4 | smani |
+-----------------------+---------------+---------------+-------------+
| freetype | 2.6.0 | 2.6.0 | |
| mingw-freetype | 2.6 | 2.6 | rjones |
+-----------------------+---------------+---------------+-------------+
| gcc | 5.1.1 | 5.1.1 | |
| mingw-gcc | 5.2.0 | 5.2.0 | epienbro |
+-----------------------+---------------+---------------+-------------+
| gdb | 7.10 | 7.10 | |
| mingw-gdb | 7.8.1 | 7.8.1 | kalev |
+-----------------------+---------------+---------------+-------------+
| gettext | 0.19.6 | 0.19.6 | |
| mingw-gettext | 0.19.4 | 0.19.4 | rjones |
+-----------------------+---------------+---------------+-------------+
| giflib | 4.1.6 | 4.1.6 | |
| mingw-giflib | 5.0.5 | 5.0.5 | smani |
+-----------------------+---------------+---------------+-------------+
| gnutls | 3.4.5 | 3.4.5 | |
| mingw-gnutls | 3.4.3 | 3.4.3 | rjones |
+-----------------------+---------------+---------------+-------------+
| gtkhtml3 | 4.10.0 | 4.10.0 | |
| mingw-gtkhtml3 | 4.6.6 | 4.6.6 | epienbro |
+-----------------------+---------------+---------------+-------------+
| hunspell | 1.3.3 | 1.3.3 | |
| mingw-hunspell | 1.3.2 | 1.3.2 | epienbro |
+-----------------------+---------------+---------------+-------------+
| icu | 54.1 | 54.1 | |
| mingw-icu | 50.1.2 | 50.1.2 | pfor |
+-----------------------+---------------+---------------+-------------+
| libffi | 3.1 | 3.1 | |
| mingw-libffi | 3.0.13 | 3.0.13 | bonzini |
+-----------------------+---------------+---------------+-------------+
| libgcrypt | 1.6.4 | 1.6.4 | |
| mingw-libgcrypt | 1.6.3 | 1.6.3 | rjones |
+-----------------------+---------------+---------------+-------------+
| libgovirt | 0.3.3 | 0.3.3 | |
| mingw-libgovirt | 0.3.2 | 0.3.2 | elmarco |
+-----------------------+---------------+---------------+-------------+
| libgpg-error | 1.20 | 1.20 | |
| mingw-libgpg-error | 1.12 | 1.12 | rjones |
+-----------------------+---------------+---------------+-------------+
| libgsf | 1.14.33 | 1.14.33 | |
| mingw-libgsf | 1.14.34 | 1.14.34 | greghellings |
+-----------------------+---------------+---------------+-------------+
| libgusb | 0.2.7 | 0.2.7 | |
| mingw-libgusb | 0.2.4 | 0.2.4 | rhughes |
+-----------------------+---------------+---------------+-------------+
| libidn | 1.32 | 1.32 | |
| mingw-libidn | 1.28 | 1.28 | epienbro |
+-----------------------+---------------+---------------+-------------+
| libjpeg-turbo | 1.4.1 | 1.4.1 | |
| mingw-libjpeg-turbo | 1.3.1 | 1.3.1 | epienbro |
+-----------------------+---------------+---------------+-------------+
| libmicrohttpd | | 0.9.42 | |
| mingw-libmicrohttpd | | 0.9.39 | mooninite |
+-----------------------+---------------+---------------+-------------+
| libogg | 1.3.2 | 1.3.2 | |
| mingw-libogg | 1.3.0 | 1.3.0 | kraxel |
+-----------------------+---------------+---------------+-------------+
| libosinfo | 0.2.12 | 0.2.12 | |
| mingw-libosinfo | 0.2.8 | 0.2.8 | berrange |
+-----------------------+---------------+---------------+-------------+
| libpng | 1.6.17 | 1.6.18 | |
| mingw-libpng | 1.6.10 | 1.6.10 | rjones |
+-----------------------+---------------+---------------+-------------+
| libsigsegv | 2.10 | 2.10 | |
| mingw-libsigsegv | 2.6 | 2.6 | bonzini |
+-----------------------+---------------+---------------+-------------+
| libsoup | 2.52.0 | 2.52.0 | |
| mingw-libsoup | 2.50.0 | 2.50.0 | epienbro |
+-----------------------+---------------+---------------+-------------+
| libssh2 | 1.6.0 | 1.6.0 | |
| mingw-libssh2 | 1.4.3 | 1.4.3 | epienbro |
+-----------------------+---------------+---------------+-------------+
| libtasn1 | | 4.7 | |
| mingw-libtasn1 | | 4.5 | kalev |
+-----------------------+---------------+---------------+-------------+
| libtiff | 4.0.4 | 4.0.5 | |
| mingw-libtiff | 4.0.3 | 4.0.3 | epienbro |
+-----------------------+---------------+---------------+-------------+
| libusbx | 1.0.20 | 1.0.20 | |
| mingw-libusbx | 1.0.19 | 1.0.19 | elmarco |
+-----------------------+---------------+---------------+-------------+
| libvirt | 1.2.18.1 | 1.2.19 | |
| mingw-libvirt | 1.2.16 | 1.2.16 | berrange |
+-----------------------+---------------+---------------+-------------+
| libvirt-glib | 0.2.2 | 0.2.2 | |
| mingw-libvirt-glib | 0.2.0 | 0.2.0 | berrange |
+-----------------------+---------------+---------------+-------------+
| libwebp | 0.4.3 | 0.4.3 | |
| mingw-libwebp | 0.4.2 | 0.4.2 | pfor |
+-----------------------+---------------+---------------+-------------+
| llvm | 3.7.0 | 3.7.0 | |
| mingw-llvm | 3.0 | 3.0 | brouhaha |
+-----------------------+---------------+---------------+-------------+
| openjpeg | 1.5.1 | 1.5.1 | |
| mingw-openjpeg | 1.5.2 | 1.5.2 | smani |
+-----------------------+---------------+---------------+-------------+
| openssl | 1.0.2d | 1.0.2d | |
| mingw-openssl | 1.0.2a | 1.0.2a | rjones |
+-----------------------+---------------+---------------+-------------+
| pcre | 8.37 | 8.37 | |
| mingw-pcre | 8.36 | 8.36 | astokes |
+-----------------------+---------------+---------------+-------------+
| qpid-cpp | 0.34 | 0.34 | |
| mingw-qpid-cpp | 0.14 | 0.14 | beekhof |
+-----------------------+---------------+---------------+-------------+
| qt | 4.8.7 | 4.8.7 | |
| mingw-qt | 4.8.6 | 4.8.6 | sailer |
+-----------------------+---------------+---------------+-------------+
| readline | 6.3 | 6.3 | |
| mingw-readline | 6.2 | 6.2 | rjones |
+-----------------------+---------------+---------------+-------------+
| rest | 0.7.93 | 0.7.93 | |
| mingw-rest | 0.7.92 | 0.7.92 | elmarco |
+-----------------------+---------------+---------------+-------------+
| shapelib | 1.3.0f | 1.3.0f | |
| mingw-shapelib | 1.3.0 | 1.3.0 | smani |
+-----------------------+---------------+---------------+-------------+
| spice-protocol | | 0.12.9 | |
| mingw-spice-protocol | | 0.12.8 | kraxel |
+-----------------------+---------------+---------------+-------------+
| sqlite | 3.8.11.1 | 3.8.11.1 | |
| mingw-sqlite | 3.8.4.3 | 3.8.4.3 | rjones |
+-----------------------+---------------+---------------+-------------+
| tk | 8.6.4 | 8.6.4 | |
| mingw-tk | 8.6.1 | 8.6.1 | roma |
+-----------------------+---------------+---------------+-------------+
| usbredir | 0.7 | 0.7 | |
| mingw-usbredir | 0.6 | 0.6 | elmarco |
+-----------------------+---------------+---------------+-------------+
| xz | | 5.2.2 | |
| mingw-xz | | 5.2.1 | mooninite |
+-----------------------+---------------+---------------+-------------+
8 years, 7 months