pkgsrc-changes: CVS commit: [pkgsrc-2005Q4] pkgsrc/x11/openmotif

Subject: CVS commit: [pkgsrc-2005Q4] pkgsrc/x11/openmotif
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 01/08/2006 05:33:48

Module Name:	pkgsrc
Committed By:	salo
Date:		Sun Jan  8 05:33:48 UTC 2006

Modified Files:
	pkgsrc/x11/openmotif [pkgsrc-2005Q4]: Makefile distinfo
Added Files:
	pkgsrc/x11/openmotif/patches [pkgsrc-2005Q4]: patch-bj patch-bk

Log Message:
Pullup ticket 1008 - requested by Joerg Sonnenberger
security fix for openmotif

Revisions pulled up:
- pkgsrc/x11/openmotif/Makefile			1.40
- pkgsrc/x11/openmotif/distinfo			1.22
- pkgsrc/x11/openmotif/patches/patch-bj		1.3
- pkgsrc/x11/openmotif/patches/patch-bk		1.1

   Module Name:		pkgsrc
   Committed By:	joerg
   Date:		Sat Jan  7 21:08:12 UTC 2006

   Modified Files:
   	pkgsrc/x11/openmotif: Makefile distinfo
   Added Files:
   	pkgsrc/x11/openmotif/patches: patch-bj patch-bk

   Log Message:
   Fix a number of buffer overflows in OpenMotif's UIL implementation.
   For non-propolice systems this might be exploitable when the
   user-provided data (e.g. certain filenames) or the locale files are
   manipulated.

   Mostly-found-by: xfocus, see [xfocus-SD-051202] on VulnWatch. Some
   additional cases are handled which have the same impact.
   Bump revision.


To generate a diff of this commit:
cvs rdiff -r1.39 -r1.39.2.1 pkgsrc/x11/openmotif/Makefile
cvs rdiff -r1.19 -r1.19.2.1 pkgsrc/x11/openmotif/distinfo
cvs rdiff -r0 -r1.2.2.1 pkgsrc/x11/openmotif/patches/patch-bj
cvs rdiff -r0 -r1.1.2.1 pkgsrc/x11/openmotif/patches/patch-bk

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.