pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/emulators/suse131_libpng Apply following update to sus...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/58c5e0637a29
branches:  trunk
changeset: 645442:58c5e0637a29
user:      obache <obache%pkgsrc.org@localhost>
date:      Thu Jan 29 00:11:32 2015 +0000

description:
Apply following update to suse131_libpng, bump PKGREVISION.

   openSUSE Security Update: Security update for libpng16
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2015:0161-1
Rating:             important
References:         #912076 #912929
Cross-References:   CVE-2014-9495 CVE-2015-0973
Affected Products:
                    openSUSE 13.2
                    openSUSE 13.1
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:


   libpng was updated to fix some security issues:

   * CVE-2014-9495 [bnc#912076]: Heap-buffer overflow png_combine_row() with
     very wide interlaced images

   * CVE-2015-0973 [bnc#912929]: overflow in png_read_IDAT_data

   libpng is now also build with -DPNG_SAFE_LIMITS_SUPPORTED.


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 13.2:

      zypper in -t patch openSUSE-2015-79

   - openSUSE 13.1:

      zypper in -t patch openSUSE-2015-79

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 13.2 (i586 x86_64):

      libpng16-16-1.6.13-2.4.1
      libpng16-16-debuginfo-1.6.13-2.4.1
      libpng16-compat-devel-1.6.13-2.4.1
      libpng16-debugsource-1.6.13-2.4.1
      libpng16-devel-1.6.13-2.4.1
      libpng16-tools-1.6.13-2.4.1
      libpng16-tools-debuginfo-1.6.13-2.4.1

   - openSUSE 13.2 (x86_64):

      libpng16-16-32bit-1.6.13-2.4.1
      libpng16-16-debuginfo-32bit-1.6.13-2.4.1
      libpng16-compat-devel-32bit-1.6.13-2.4.1
      libpng16-devel-32bit-1.6.13-2.4.1

   - openSUSE 13.1 (i586 x86_64):

      libpng16-16-1.6.6-16.1
      libpng16-16-debuginfo-1.6.6-16.1
      libpng16-compat-devel-1.6.6-16.1
      libpng16-debugsource-1.6.6-16.1
      libpng16-devel-1.6.6-16.1
      libpng16-tools-1.6.6-16.1
      libpng16-tools-debuginfo-1.6.6-16.1

   - openSUSE 13.1 (x86_64):

      libpng16-16-32bit-1.6.6-16.1
      libpng16-16-debuginfo-32bit-1.6.6-16.1
      libpng16-compat-devel-32bit-1.6.6-16.1
      libpng16-devel-32bit-1.6.6-16.1


References:

   http://support.novell.com/security/cve/CVE-2014-9495.html
   http://support.novell.com/security/cve/CVE-2015-0973.html
   https://bugzilla.suse.com/show_bug.cgi?id=912076
   https://bugzilla.suse.com/show_bug.cgi?id=912929

diffstat:

 emulators/suse131_libpng/Makefile |   6 +++---
 emulators/suse131_libpng/distinfo |  14 +++++++-------
 2 files changed, 10 insertions(+), 10 deletions(-)

diffs (42 lines):

diff -r f546c3fb0e99 -r 58c5e0637a29 emulators/suse131_libpng/Makefile
--- a/emulators/suse131_libpng/Makefile Wed Jan 28 22:15:17 2015 +0000
+++ b/emulators/suse131_libpng/Makefile Thu Jan 29 00:11:32 2015 +0000
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.5 2014/09/07 12:26:43 obache Exp $
+# $NetBSD: Makefile,v 1.6 2015/01/29 00:11:32 obache Exp $
 
 PKGNAME=       suse_libpng-${SUSE_VERSION}
-PKGREVISION=   3
+PKGREVISION=   4
 CATEGORIES=    emulators
 RPMUPDPKGS+=   libpng12-0-1.2.50-6.4.1.${SUSE_ARCH}
-RPMUPDPKGS+=   libpng16-16-1.6.6-12.1.${SUSE_ARCH}
+RPMUPDPKGS+=   libpng16-16-1.6.6-16.1.${SUSE_ARCH}
 
 MAINTAINER=    pkgsrc-users%NetBSD.org@localhost
 COMMENT=       Linux compatibility package for PNG
diff -r f546c3fb0e99 -r 58c5e0637a29 emulators/suse131_libpng/distinfo
--- a/emulators/suse131_libpng/distinfo Wed Jan 28 22:15:17 2015 +0000
+++ b/emulators/suse131_libpng/distinfo Thu Jan 29 00:11:32 2015 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.4 2014/05/08 12:46:36 obache Exp $
+$NetBSD: distinfo,v 1.5 2015/01/29 00:11:32 obache Exp $
 
 SHA1 (suse131/libpng12-0-1.2.50-6.4.1.i586.rpm) = 1b041690a89037da8a319ddf4d105eb919b57082
 RMD160 (suse131/libpng12-0-1.2.50-6.4.1.i586.rpm) = 9ff2b2a30dd4576dc1ebf4b850102564494a16d3
@@ -6,9 +6,9 @@
 SHA1 (suse131/libpng12-0-1.2.50-6.4.1.x86_64.rpm) = bfe8b982093a0051f13f9577895765c5ad0def1b
 RMD160 (suse131/libpng12-0-1.2.50-6.4.1.x86_64.rpm) = 8dfdd571a326b0c7f129f0565ece2073fa364e5b
 Size (suse131/libpng12-0-1.2.50-6.4.1.x86_64.rpm) = 76630 bytes
-SHA1 (suse131/libpng16-16-1.6.6-12.1.i586.rpm) = 3932392f6b0dd8875a74ee38092e5a7caa9b534e
-RMD160 (suse131/libpng16-16-1.6.6-12.1.i586.rpm) = d45e8708594e8c3d07e6d6d92910c5b85a701ed0
-Size (suse131/libpng16-16-1.6.6-12.1.i586.rpm) = 116628 bytes
-SHA1 (suse131/libpng16-16-1.6.6-12.1.x86_64.rpm) = aef34cf7544bb362dfb7453a9ce3ce176c657082
-RMD160 (suse131/libpng16-16-1.6.6-12.1.x86_64.rpm) = 5ef64b09c1ffed7492ec41f9635a340b7b5d909c
-Size (suse131/libpng16-16-1.6.6-12.1.x86_64.rpm) = 122723 bytes
+SHA1 (suse131/libpng16-16-1.6.6-16.1.i586.rpm) = 93700f5bd2b1acf43737e83e3a1013d274ff2aa2
+RMD160 (suse131/libpng16-16-1.6.6-16.1.i586.rpm) = 07721cc0713f3cd342b38390750805284a79e22f
+Size (suse131/libpng16-16-1.6.6-16.1.i586.rpm) = 116853 bytes
+SHA1 (suse131/libpng16-16-1.6.6-16.1.x86_64.rpm) = de98344ed801e6e62a576da38184e7647efb23b4
+RMD160 (suse131/libpng16-16-1.6.6-16.1.x86_64.rpm) = ec6ae2d6e0307c52e0d8fd3887178753bf41a23e
+Size (suse131/libpng16-16-1.6.6-16.1.x86_64.rpm) = 122858 bytes



Home | Main Index | Thread Index | Old Index