Hello community, here is the log from the commit of package gimp for openSUSE:11.3 checked in at Tue May 31 15:44:06 CEST 2011.
-------- --- old-versions/11.3/UPDATES/all/gimp/gimp.changes 2011-02-15 10:17:19.000000000 +0100 +++ 11.3/gimp/gimp.changes 2011-05-27 23:17:18.000000000 +0200 @@ -1,0 +2,6 @@ +Fri May 27 20:21:20 UTC 2011 - [email protected] + +- Modify gimp-CVE-2010-4543.patch to include fix for the second + part of bnc#692877. (CVE-2011-1782) + +------------------------------------------------------------------- calling whatdependson for 11.3-i586 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gimp.spec ++++++ --- /var/tmp/diff_new_pack.EYGgsZ/_old 2011-05-31 15:42:01.000000000 +0200 +++ /var/tmp/diff_new_pack.EYGgsZ/_new 2011-05-31 15:42:01.000000000 +0200 @@ -48,7 +48,7 @@ BuildRequires: xorg-x11-libXfixes-devel Url: http://www.gimp.org/ Version: 2.6.8 -Release: 7.<RELEASE2> +Release: 7.<RELEASE5> License: GPLv2+ Group: Productivity/Graphics/Bitmap Editors Suggests: AdobeICCProfiles ++++++ gimp-CVE-2010-4543.patch ++++++ --- /var/tmp/diff_new_pack.EYGgsZ/_old 2011-05-31 15:42:02.000000000 +0200 +++ /var/tmp/diff_new_pack.EYGgsZ/_new 2011-05-31 15:42:02.000000000 +0200 @@ -14,7 +14,7 @@ fread (buf, runcount, 1, f); + + /* prevent buffer overflow for bogus data */ -+ runcount = MIN (runcount, endq - q); ++ runcount = MIN (runcount, (endq - q) / bytespp); + if (bytespp == 1) { ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
