April 2015 - mingw - Fedora Mailing-Lists

[Bug 1162621] New: CVE-2014-8504 binutils: stack overflow in the SREC parser

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1162621 Bug ID: 1162621 Summary: CVE-2014-8504 binutils: stack overflow in the SREC parser Product: Security Response Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team(a)redhat.com Reporter: vkaigoro(a)redhat.com CC: bgollahe(a)redhat.com, dan(a)danny.cz, dhowells(a)redhat.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, jakub(a)redhat.com, kalevlember(a)gmail.com, kanderso(a)redhat.com, ktietz(a)redhat.com, law(a)redhat.com, lkocman(a)redhat.com, lkundrak(a)v3.sk, mfranc(a)redhat.com, mhlavink(a)redhat.com, nickc(a)redhat.com, ohudlick(a)redhat.com, pfrankli(a)redhat.com, rjones(a)redhat.com, rob(a)robspanton.com, seceng-idm-qe-list(a)redhat.com, swhiteho(a)redhat.com, thibault.north(a)gmail.com, tmlcoch(a)redhat.com, trond.danielsen(a)gmail.com Stack overflow issue was reported [1] in SREC parser in binutils. Upstream patch that fixes this issue is at [2]. [1]: https://sourceware.org/bugzilla/show_bug.cgi?id=17510#c7 [2]: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=708d7d0d11f0f2... -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=bHcxYEBDhk&a=cc_unsubscribe

8 years, 5 months

1
42
0 / 0

[Bug 1162607] New: CVE-2014-8503 binutils: stack overflow in objdump when parsing specially crafted ihex file

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1162607 Bug ID: 1162607 Summary: CVE-2014-8503 binutils: stack overflow in objdump when parsing specially crafted ihex file Product: Security Response Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team(a)redhat.com Reporter: vkaigoro(a)redhat.com CC: bgollahe(a)redhat.com, dan(a)danny.cz, dhowells(a)redhat.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, jakub(a)redhat.com, kalevlember(a)gmail.com, kanderso(a)redhat.com, ktietz(a)redhat.com, law(a)redhat.com, lkocman(a)redhat.com, lkundrak(a)v3.sk, mfranc(a)redhat.com, mhlavink(a)redhat.com, nickc(a)redhat.com, ohudlick(a)redhat.com, pfrankli(a)redhat.com, rjones(a)redhat.com, rob(a)robspanton.com, seceng-idm-qe-list(a)redhat.com, swhiteho(a)redhat.com, thibault.north(a)gmail.com, tmlcoch(a)redhat.com, trond.danielsen(a)gmail.com Stack overflow was reported [1] in objdump when parsing a crafted ihex file [2]. Upstream patch is at [3]. [1]: https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c33 [2]: https://sourceware.org/bugzilla/attachment.cgi?id=7869 [3]: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0102ea8cec5fc5... -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=fWj88qzSHL&a=cc_unsubscribe

8 years, 5 months

1
31
0 / 0

[Bug 1162594] New: CVE-2014-8502 binutils: heap overflow in objdump

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1162594 Bug ID: 1162594 Summary: CVE-2014-8502 binutils: heap overflow in objdump Product: Security Response Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team(a)redhat.com Reporter: vkaigoro(a)redhat.com CC: bgollahe(a)redhat.com, dan(a)danny.cz, dhowells(a)redhat.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, jakub(a)redhat.com, kalevlember(a)gmail.com, kanderso(a)redhat.com, ktietz(a)redhat.com, law(a)redhat.com, lkocman(a)redhat.com, lkundrak(a)v3.sk, mfranc(a)redhat.com, mhlavink(a)redhat.com, nickc(a)redhat.com, ohudlick(a)redhat.com, pfrankli(a)redhat.com, rjones(a)redhat.com, rob(a)robspanton.com, seceng-idm-qe-list(a)redhat.com, swhiteho(a)redhat.com, thibault.north(a)gmail.com, tmlcoch(a)redhat.com, trond.danielsen(a)gmail.com A heap overflow was reborted [1] when running objdump on a specially crafted PE executable [2]. Upstream patches that address this are at [3] and [4]. [1]: https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c17 [2]: https://sourceware.org/bugzilla/attachment.cgi?id=7862 [3]: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5a4b0ccc20ba30... [4]: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=acafeb6056bec4... -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=pnYCBTnBr5&a=cc_unsubscribe

8 years, 5 months

1
44
0 / 0

[Bug 1162570] New: CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1162570 Bug ID: 1162570 Summary: CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable Product: Security Response Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team(a)redhat.com Reporter: vkaigoro(a)redhat.com CC: bgollahe(a)redhat.com, dan(a)danny.cz, dhowells(a)redhat.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, jakub(a)redhat.com, kalevlember(a)gmail.com, kanderso(a)redhat.com, ktietz(a)redhat.com, law(a)redhat.com, lkocman(a)redhat.com, lkundrak(a)v3.sk, mfranc(a)redhat.com, mhlavink(a)redhat.com, nickc(a)redhat.com, ohudlick(a)redhat.com, pfrankli(a)redhat.com, rjones(a)redhat.com, rob(a)robspanton.com, seceng-idm-qe-list(a)redhat.com, swhiteho(a)redhat.com, thibault.north(a)gmail.com, tmlcoch(a)redhat.com, trond.danielsen(a)gmail.com It was reported [1] that running strings, nm or objdump on a constructed PE file [2] leads to out-of bounds write to an unitialized memory area. Upstream path for this issue is at [3]. [1]: https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c0 [2]: https://sourceware.org/bugzilla/attachment.cgi?id=7849 [3]: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7e1e19887abd24... -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=xVCMYjG9bG&a=cc_unsubscribe

8 years, 5 months

1
39
0 / 0

[Bug 1212162] New: Exception handling corrupts a VLA

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1212162 Bug ID: 1212162 Summary: Exception handling corrupts a VLA Product: Fedora Version: 21 Component: mingw32-gcc Assignee: rjones(a)redhat.com Reporter: hedayatv(a)gmail.com QA Contact: extras-qa(a)fedoraproject.org CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, kalevlember(a)gmail.com, rjones(a)redhat.com Description of problem: Code: ----------------------------------------------------------------- #include <iostream> #include <cstring> #include <sstream> #include <stdexcept> using namespace std; int main(int argc, char **argv) { int n; stringstream ss(argv[1]); ss >> n; cout << "N: " << n << endl; char tbuff[n]; try { memset(tbuff, 0, n); throw runtime_error("ERR"); } catch (exception &e) { cout << "Writing to VLA" << endl; memset(tbuff, 0, n); cout << "Wrote" << endl; } } ----------------------------------------------------------------- Compiled with: /usr/bin/i686-w64-mingw32-g++ -O2 test.cpp -o t Run with wine (similar results under Windows) results in crash: []% ./t 100 fixme:winediag:start_process Wine Staging is a testing version containing experimental patches. fixme:winediag:start_process Please report bugs at http://bugs.wine-staging.com (instead of winehq.org). N: 100 Writing to VLA wine: Unhandled page fault on read access to 0x00000000 at address (nil) (thread 0009), starting debugger... Unhandled exception: page fault on read access to 0x00000000 in 32-bit code (0x00000000). .... Version-Release number of selected component (if applicable): mingw32-gcc-c++-4.9.2-1.fc21.x86_64 How reproducible: 100% -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=fSJiOBofWA&a=cc_unsubscribe

8 years, 5 months

1
5
0 / 0

[Bug 1205458] New: Review Request: mingw-qt5-qtwebchannel - Qt5 for Windows - QtWebChannel component

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1205458 Bug ID: 1205458 Summary: Review Request: mingw-qt5-qtwebchannel - Qt5 for Windows - QtWebChannel component Product: Fedora Version: 21 Component: Package Review Assignee: nobody(a)fedoraproject.org Reporter: erik-fedora(a)vanpienbroek.nl QA Contact: extras-qa(a)fedoraproject.org CC: fedora-mingw(a)lists.fedoraproject.org, package-review(a)lists.fedoraproject.org Spec URL: http://svn.nntpgrab.nl/svn/fedora_cross/mingw-qt5-qtwebchannel/mingw-qt5-... SRPM URL: http://koji.vanpienbroek.nl/kojifiles/packages/mingw-qt5-qtwebchannel/5.4... Koji scratch build: https://koji.vanpienbroek.nl/koji/buildinfo?buildID=256 Fedora Account System Username: epienbro Description: This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=amKXe8w2cr&a=cc_unsubscribe

8 years, 5 months

1
3
0 / 0

[Bug 858062] New: Review Request: mingw-qt5-qtactiveqt - Qt5 for Windows - QtActiveQt component

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=858062 Bug ID: 858062 QA Contact: extras-qa(a)fedoraproject.org Severity: unspecified Version: rawhide Priority: unspecified CC: fedora-mingw(a)lists.fedoraproject.org, notting(a)redhat.com, package-review(a)lists.fedoraproject.org Assignee: nobody(a)fedoraproject.org Summary: Review Request: mingw-qt5-qtactiveqt - Qt5 for Windows - QtActiveQt component Regression: --- Story Points: --- Classification: Fedora OS: Unspecified Reporter: erik-fedora(a)vanpienbroek.nl Type: Bug Documentation: --- Hardware: Unspecified Mount Type: --- Status: NEW Component: Package Review Product: Fedora Spec URL: http://svn.openftd.org/svn/fedora_cross/mingw-qt5-qtactiveqt/mingw-qt5-qt... SRPM URL: http://ftd4linux.nl/contrib/mingw-qt5-qtactiveqt-5.0.0-0.1.beta1.fc17.src... Fedora Account System Username: epienbro Description: This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler. -- You are receiving this mail because: You are on the CC list for the bug.

8 years, 9 months

1
26
0 / 0

[Bug 1057910] New: Review Request: mingw-qt5-qtserialport - Qt5 for Windows - QtSerialPort component

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1057910 Bug ID: 1057910 Summary: Review Request: mingw-qt5-qtserialport - Qt5 for Windows - QtSerialPort component Product: Fedora Version: rawhide Component: Package Review Severity: medium Priority: medium Assignee: nobody(a)fedoraproject.org Reporter: erik-fedora(a)vanpienbroek.nl QA Contact: extras-qa(a)fedoraproject.org CC: fedora-mingw(a)lists.fedoraproject.org, package-review(a)lists.fedoraproject.org Spec URL: http://svn.nntpgrab.nl/svn/fedora_cross/mingw-qt5-qtserialport/mingw-qt5-... SRPM URL: http://koji.vanpienbroek.nl/kojifiles/packages/mingw-qt5-qtserialport/5.2... Koji scratch build: http://koji.vanpienbroek.nl/koji/buildinfo?buildID=187 Fedora Account System Username: epienbro Description: This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=cAZZzKe8ME&a=cc_unsubscribe

8 years, 10 months

1
4
0 / 0

[Bug 1090976] CVE-2014-0191 libxml2: external parameter entity loaded when entity substitution is disabled

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1090976 Md Azhar <mdshaikh(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo? | -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=0J1nVBPMuF&a=cc_unsubscribe

8 years, 12 months

1
0
0 / 0

Problem when cross compiling Gecko (ILocation not declared)

by Zhenbo Li

Hello, everyone I'm trying to use mingw-w64 to cross compile gecko (hg version), and, I faced a problem: 1:59.33 In file included from /home/lizhenbo/src/mozilla-central-upstream/dom/geolocation/nsGeolocation.cpp:53:0: 1:59.33 /home/lizhenbo/src/mozilla-central-upstream/dom/system/windows/WindowsLocationProvider.h:43:12: error: 'ILocation' was not declared in this scope 1:59.33 nsRefPtr<ILocation> mLocation; 1:59.33 ^ 1:59.33 /home/lizhenbo/src/mozilla-central-upstream/dom/system/windows/WindowsLocationProvider.h:43:21: error: template argument 1 is invalid 1:59.33 nsRefPtr<ILocation> mLocation; 1:59.33 $ cat /usr/i686-w64-mingw32/sys-root/mingw/include/locationapi.h|grep -w ILocation And nothing is found There is a patch by Jacek[0], has it been merged to trunk? What should I do to cross compile gecko? Thank you very much. [0]: http://sourceforge.net/p/mingw-w64/mingw-w64/ci/7268caece9b4cb33ff698306e... -- Have a nice day! Zhenbo Li

8 years, 12 months

3
4
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

mingw April 2015