CVSROOT: /cvs
Module name: ports
Changes by: st...@cvs.openbsd.org 2014/04/08 07:59:32
Modified files:
graphics/jbigkit: Makefile distinfo
graphics/jbigkit/patches: patch-Makefile patch-libjbig_Makefile
patch-pbmtools_Makefile
Removed files:
graphics/jbigkit/patches: patch-pbmtools_jbgtopbm_c
Log message:
SECURITY update to jbigkit 2.1 (no ABI change)
- fixed a buffer-overflow vulnerability in the jbig.c decoder,
reported by Florian Weimer (Red Hat): CVE-2013-6369
- fixed ability of corrupted input data to force jbig85.c decoder
into an end-less loop
- fixed a bug in the processing of private deterministic-prediction
tables (DPPRIV=1) in jbig.c decoder
- fixed integer-type mismatches in printf arguments on 64-bit systems
- fuzz-testing script added
