[Security-team] I: bzip2 1.0.4
Slava Semushin
=?iso-8859-1?q?slava=2Esemushin_=CE=C1_gmail=2Ecom?=
Сб Янв 6 18:40:43 MSK 2007
JFYI. Хотя, скорее всего, ldv@ и без меня в курсе :)
Покопался в чейнджлоге и не понял закрыты ли у нас эти дырочки. Может и
запатчены, но сходу упоминаний не увидел.
---------- Forwarded message ----------
From: Thomas Klausner <wiz / netbsd.org>
Date: 06.01.2007 18:34
Subject: CVS commit: pkgsrc/archivers/bzip2
To: pkgsrc-changes / netbsd.org
Module Name: pkgsrc
Committed By: wiz
Date: Sat Jan 6 15:34:37 UTC 2007
Modified Files:
pkgsrc/archivers/bzip2: Makefile distinfo
pkgsrc/archivers/bzip2/patches: patch-aa
Log Message:
Update to 1.0.4:
1.0.4 (20 Dec 06)
~~~~~~~~~~~~~~~~~
Fixes some minor bugs since the last version, 1.0.3.
* Fix file permissions race problem (CAN-2005-0953).
* Avoid possible segfault in BZ2_bzclose. From Coverity's NetBSD
scan.
* 'const'/prototype cleanups in the C code.
* Change default install location to /usr/local, and handle multiple
'make install's without error.
* Sanitise file names more carefully in bzgrep. Fixes CAN-2005-0758
to the extent that applies to bzgrep.
* Use 'mktemp' rather than 'tempfile' in bzdiff.
* Tighten up a couple of assertions in blocksort.c following automated
analysis.
* Fix minor doc/comment bugs.
To generate a diff of this commit:
cvs rdiff -r1.42 -r1.43 pkgsrc/archivers/bzip2/Makefile
cvs rdiff -r1.12 -r1.13 pkgsrc/archivers/bzip2/distinfo
cvs rdiff -r1.11 -r1.12 pkgsrc/archivers/bzip2/patches/patch-aa
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
--
+ Slava Semushin | slava.semushin @ gmail.com
+ ALT Linux Team | php-coder @ altlinux.ru
----------- следующая часть -----------
Вложение в формате HTML было удалено...
URL: <http://lists.altlinux.org/pipermail/security-team/attachments/20070106/d2a42f8c/attachment-0003.html>
Подробная информация о списке рассылки Security-team