OpenPKG CVS Repository
http://cvs.openpkg.org/
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 28-Jul-2005 08:22:17
Branch: OPENPKG_2_3_SOLIDHandle: 2005072807221700
Modified files: (Branch: OPENPKG_2_3_SOLID)
openpkg-src/zlibzlib.patch zlib.spec
Log:
Security Bugfix (OpenPKG-SA-2005.014-zlib; CAN-2005-1849)
Summary:
RevisionChanges Path
1.4.2.2 +25 -0 openpkg-src/zlib/zlib.patch
1.32.2.3+1 -1 openpkg-src/zlib/zlib.spec
patch -p0 <<'@@ .'
Index: openpkg-src/zlib/zlib.patch
$ cvs diff -u -r1.4.2.1 -r1.4.2.2 zlib.patch
--- openpkg-src/zlib/zlib.patch 6 Jul 2005 16:47:32 - 1.4.2.1
+++ openpkg-src/zlib/zlib.patch 28 Jul 2005 06:22:17 - 1.4.2.2
@@ -1,3 +1,5 @@
+Security Bugfix (OpenPKG-SA-2005.013-zlib; CAN-2005-2096)
+
Index: inftrees.c
--- inftrees.c.orig 2004-09-15 16:30:06 +0200
+++ inftrees.c 2005-07-06 18:31:14 +0200
@@ -10,3 +12,26 @@
return -1; /* incomplete set */
/* generate offsets into symbol table for each length for sorting */
+
+Security Bugfix (OpenPKG-SA-2005.014-zlib; CAN-2005-1849)
+
+Index: inftrees.h
+--- inftrees.h.orig 2003-08-11 00:15:50 +0200
inftrees.h 2005-07-11 08:50:37 +0200
+@@ -36,12 +36,12 @@
+ */
+
+ /* Maximum size of dynamic tree. The maximum found in a long but non-
+- exhaustive search was 1004 code structures (850 for length/literals
+- and 154 for distances, the latter actually the result of an
++ exhaustive search was 1444 code structures (852 for length/literals
++ and 592 for distances, the latter actually the result of an
+exhaustive search). The true maximum is not known, but the value
+below is more than safe. */
+-#define ENOUGH 1440
+-#define MAXD 154
++#define ENOUGH 2048
++#define MAXD 592
+
+ /* Type of code to build for inftable() */
+ typedef enum {
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/zlib/zlib.spec
$ cvs diff -u -r1.32.2.2 -r1.32.2.3 zlib.spec
--- openpkg-src/zlib/zlib.spec6 Jul 2005 16:47:32 - 1.32.2.2
+++ openpkg-src/zlib/zlib.spec28 Jul 2005 06:22:17 - 1.32.2.3
@@ -34,7 +34,7 @@
Group:Compression
License: BSD
Version: 1.2.2
-Release: 2.3.1
+Release: 2.3.2
# list of sources
Source0: http://www.zlib.net/zlib-%{version}.tar.gz
@@ .
__
The OpenPKG Projectwww.openpkg.org
CVS Repository Commit List openpkg-cvs@openpkg.org