[CVS] OpenPKG: OPENPKG_2_3_SOLID: openpkg-src/zlib/ zlib.patch zlib.sp...

2005-07-27 Thread Ralf S. Engelschall
  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  

  Server: cvs.openpkg.org  Name:   Ralf S. Engelschall
  Root:   /v/openpkg/cvs   Email:  [EMAIL PROTECTED]
  Module: openpkg-src  Date:   28-Jul-2005 08:22:17
  Branch: OPENPKG_2_3_SOLIDHandle: 2005072807221700

  Modified files:   (Branch: OPENPKG_2_3_SOLID)
openpkg-src/zlibzlib.patch zlib.spec

  Log:
Security Bugfix (OpenPKG-SA-2005.014-zlib; CAN-2005-1849)

  Summary:
RevisionChanges Path
1.4.2.2 +25 -0  openpkg-src/zlib/zlib.patch
1.32.2.3+1  -1  openpkg-src/zlib/zlib.spec
  

  patch -p0 <<'@@ .'
  Index: openpkg-src/zlib/zlib.patch
  
  $ cvs diff -u -r1.4.2.1 -r1.4.2.2 zlib.patch
  --- openpkg-src/zlib/zlib.patch   6 Jul 2005 16:47:32 -   1.4.2.1
  +++ openpkg-src/zlib/zlib.patch   28 Jul 2005 06:22:17 -  1.4.2.2
  @@ -1,3 +1,5 @@
  +Security Bugfix (OpenPKG-SA-2005.013-zlib; CAN-2005-2096)
  +
   Index: inftrees.c
   --- inftrees.c.orig  2004-09-15 16:30:06 +0200
   +++ inftrees.c   2005-07-06 18:31:14 +0200
  @@ -10,3 +12,26 @@
return -1;  /* incomplete set */

/* generate offsets into symbol table for each length for sorting */
  +
  +Security Bugfix (OpenPKG-SA-2005.014-zlib; CAN-2005-1849)
  +
  +Index: inftrees.h
  +--- inftrees.h.orig  2003-08-11 00:15:50 +0200
   inftrees.h   2005-07-11 08:50:37 +0200
  +@@ -36,12 +36,12 @@
  +  */
  + 
  + /* Maximum size of dynamic tree.  The maximum found in a long but non-
  +-   exhaustive search was 1004 code structures (850 for length/literals
  +-   and 154 for distances, the latter actually the result of an
  ++   exhaustive search was 1444 code structures (852 for length/literals
  ++   and 592 for distances, the latter actually the result of an
  +exhaustive search).  The true maximum is not known, but the value
  +below is more than safe. */
  +-#define ENOUGH 1440
  +-#define MAXD 154
  ++#define ENOUGH 2048
  ++#define MAXD 592
  + 
  + /* Type of code to build for inftable() */
  + typedef enum {
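Review bot: The comment in the embedded inftrees.h patch still ends with "The true maximum is not known, but the value below is more than safe", the same assurance that stood next to the old `ENOUGH 1440` before the newly reported 1444 structures exceeded it. Because `ENOUGH` and `MAXD` remain empirical bounds, the comment should record the arithmetic and what enforces it, for example `/* ENOUGH must be >= 852 + 592 = 1444; the table builder must fail rather than use more than ENOUGH entries */`. Whether inftrees.c actually rejects such tables cannot be seen from this hunk and should be confirmed there. Presumably any package that links or bundles zlib 1.2.2 statically keeps the old limits until it is rebuilt against this release. The hunk stops inside the following `typedef enum {`, so the rest of the header is not visible here.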
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/zlib/zlib.spec
  
  $ cvs diff -u -r1.32.2.2 -r1.32.2.3 zlib.spec
  --- openpkg-src/zlib/zlib.spec6 Jul 2005 16:47:32 -   1.32.2.2
  +++ openpkg-src/zlib/zlib.spec28 Jul 2005 06:22:17 -  1.32.2.3
  @@ -34,7 +34,7 @@
   Group:Compression
   License:  BSD
   Version:  1.2.2
  -Release:  2.3.1
  +Release:  2.3.2
   
   #   list of sources
   Source0:  http://www.zlib.net/zlib-%{version}.tar.gz
  @@ .


[CVS] OpenPKG: OPENPKG_2_3_SOLID: openpkg-src/zlib/ zlib.patch zlib.sp...

2005-07-06 Thread Ralf S. Engelschall
  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  

  Server: cvs.openpkg.org  Name:   Ralf S. Engelschall
  Root:   /v/openpkg/cvs   Email:  [EMAIL PROTECTED]
  Module: openpkg-src  Date:   06-Jul-2005 18:47:32
  Branch: OPENPKG_2_3_SOLIDHandle: 2005070617473200

  Added files:  (Branch: OPENPKG_2_3_SOLID)
openpkg-src/zlibzlib.patch
  Modified files:   (Branch: OPENPKG_2_3_SOLID)
openpkg-src/zlibzlib.spec

  Log:
Fix zlib security issue (OpenPKG-SA-2005.013, CAN-2005-2096)

  Summary:
RevisionChanges Path
1.4.2.1 +12 -0  openpkg-src/zlib/zlib.patch
1.32.2.2+3  -1  openpkg-src/zlib/zlib.spec
  

  patch -p0 <<'@@ .'
  Index: openpkg-src/zlib/zlib.patch
  
  $ cvs diff -u -r0 -r1.4.2.1 zlib.patch
  --- /dev/null 2005-07-06 18:47:32 +0200
  +++ zlib.patch2005-07-06 18:47:32 +0200
  @@ -0,0 +1,12 @@
  +Index: inftrees.c
  +--- inftrees.c.orig  2004-09-15 16:30:06 +0200
   inftrees.c   2005-07-06 18:31:14 +0200
  +@@ -134,7 +134,7 @@
  + left -= count[len];
  + if (left < 0) return -1;/* over-subscribed */
  + }
  +-if (left > 0 && (type == CODES || (codes - count[0] != 1)))
  ++if (left > 0 && (type == CODES || max != 1))
  + return -1;  /* incomplete set */
  + 
  + /* generate offsets into symbol table for each length for sorting */
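Review bot: The new condition `max != 1` in the embedded inftrees.c patch has no comment saying why it replaces the symbol-count test, so the reasoning behind the security fix is not recorded in the code. As far as the hunk shows, an incomplete set (`left > 0`) is now accepted only when `max` is 1, where the old test `codes - count[0] != 1` accepted exactly one used symbol regardless of its length. A comment above the `if`, such as `/* incomplete set allowed only for a single one-bit code */`, would capture that. `max` is assigned outside the hunk, so its meaning (presumably the longest code length) should be confirmed there. A regression input for CAN-2005-2096 in the package's build checks would also show if this backport is lost when the patch file is next regenerated.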
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/zlib/zlib.spec
  
  $ cvs diff -u -r1.32.2.1 -r1.32.2.2 zlib.spec
  --- openpkg-src/zlib/zlib.spec21 Feb 2005 17:09:06 -  1.32.2.1
  +++ openpkg-src/zlib/zlib.spec6 Jul 2005 16:47:32 -   1.32.2.2
  @@ -34,10 +34,11 @@
   Group:Compression
   License:  BSD
   Version:  1.2.2
  -Release:  2.3.0
  +Release:  2.3.1
   
   #   list of sources
   Source0:  http://www.zlib.net/zlib-%{version}.tar.gz
  +Patch0:   zlib.patch
   
   #   build information
   Prefix:   %{l_prefix}
  @@ -68,6 +69,7 @@
   
   %prep
   %setup -q
  +%patch -p0
   
   %build
   CC="%{l_cc}" \
  @@ .