Abhijit Nath wrote:
> _*CR:*_
> 6755267 multiple security vulnerabilities in libpng before 1.2.32
>
> _*Product :*_
> JDS
>
> _*OS:*_
> OpenSolaris
>
> _*Changed files :*_
>  
>      SUNWpng.spec
>
>   Tarballs to be added :
>
>        libpng-1.0.43.tar.bz2
>        libpng-1.2.35.tar.bz2
>
> _*Description of change :*_
> All versions of libpng from 0.89c through 1.2.34 contain an
> uninitialized-data bug that can be triggered by a malicious user.
> Specifically, there are several instances in which a malloc'd array of
> pointers is then initialized by a secondary sequence of malloc()
> calls. If one of these calls fails, libpng's cleanup routine will
> attempt to free the entire array, including any uninitialized
> pointers, which could lead to execution of an attacker's code with
> the privileges of the libpng user (including remote compromise in the
> case of a libpng-based browser visiting a hostile web site).
> The current release, libpng 1.0.43/1.2.35, has the fix, so upgrade the
> libpng tarballs to 1.0.43/1.2.35.
>
> *++ spec-diff:*
>
> Diff between libpng10.spec files used to build:
> --- base-specs-orig/libpng10.spec       2009-04-20 17:39:33.886885000 
> +0530
> +++ base-specs/libpng10.spec    2009-04-20 17:46:20.937636000 +0530
> @@ -1,7 +1,7 @@
>  #
>  # spec file for package libpng10
>  #
> -# Copyright 2007 Sun Microsystems, Inc.
> +# Copyright 2009 Sun Microsystems, Inc.
>  # This file and all modifications and additions to the pristine
>  # package are under the same license as the package itself.
>  #
> @@ -10,7 +10,7 @@
>  Name:         libpng10
>  License:      other
>  Group:        System/Libraries
> -Version:      1.0.26
> +Version:      1.0.43
>  Release:      1
>  Distribution: Java Desktop System
>  Vendor:       Sun Microsystems, Inc.
> @@ -85,5 +85,7 @@
>  %{_mandir}/*
>  
>  %changelog
> +* Mon Apr 21 2009 - abhijit.nath at sun.com
> +- bump to 1.0.43
>  * Thu May 17 2007 - laca at sun.com
>  - Create
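Review bot: the added `%changelog` entry is dated `Mon Apr 21 2009`, but 21 April 2009 falls on a Tuesday, and the diff headers for this file are stamped 2009-04-20, which is the Monday. Make the weekday and day of month agree. The entry text is only `bump to 1.0.43`; since the bump exists to pick up a security fix, cite CR 6755267 there so the reason can be recovered from the spec file alone.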
>
>
>
> Diff between libpng12.spec files used to build :
> --- base-specs-orig/libpng12.spec       2009-04-20 17:39:34.278065000 
> +0530
> +++ base-specs/libpng12.spec    2009-04-20 17:50:56.556352000 +0530
> @@ -1,7 +1,7 @@
>  #
>  # spec file for package libpng12
>  #
> -# Copyright 2007 Sun Microsystems, Inc.
> +# Copyright 2009 Sun Microsystems, Inc.
>  # This file and all modifications and additions to the pristine
>  # package are under the same license as the package itself.
>  #
> @@ -10,7 +10,7 @@
>  Name:         libpng10
>  License:      other
>  Group:        System/Libraries
> -Version:      1.2.18
> +Version:      1.2.35
>  Release:      1
>  Distribution: Java Desktop System
>  Vendor:       Sun Microsystems, Inc.
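Review bot: the unchanged context line `Name:         libpng10` in this hunk sits in libpng12.spec, whose header comment reads `spec file for package libpng12`, so the 1.2.x spec appears to carry the 1.0.x package name. Please check the file itself and, unless this is only a paste slip in the mail, correct the name to libpng12 as part of this change.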
> @@ -85,5 +85,7 @@
>  %{_mandir}/*
>  
>  %changelog
> +* Mon Apr 21 2009 - abhijit.nath at sun.com
> +- bump to 1.2.35
>  * Thu May 17 2007 - laca at sun.com
>  - Create
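Review bot: the added `%changelog` line `* Mon Apr 21 2009` pairs a Monday with a date that falls on a Tuesday; use `Mon Apr 20 2009` or `Tue Apr 21 2009`. Adding the CR number 6755267 to `bump to 1.2.35` would also record why the version moved.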
>
>
Looks fine
I approve

~Praveen Handigol
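
The allocation pattern from the change description, in its hardened form, as an added example that is not part of the original mail and is not libpng's code. The names `x_malloc`, `x_free`, `free_rows`, `alloc_rows` and `leak_after_failure` are hypothetical, and the failure-injecting allocator exists only so the error path can be exercised.

```c
#include <stdlib.h>

/* Hypothetical test allocator: fails the Nth call and counts live blocks. */
static int fail_at = -1, calls = 0, live = 0;

static void *x_malloc(size_t n) {
    if (++calls == fail_at) return NULL;      /* injected failure */
    void *p = malloc(n);
    if (p) live++;
    return p;
}

static void x_free(void *p) {
    if (p) { live--; free(p); }
}

/* Cleanup used by both the error path and normal teardown. It walks the
 * whole array, so every slot must hold either NULL or a valid pointer. */
static void free_rows(unsigned char **rows, size_t nrows) {
    if (!rows) return;
    for (size_t i = 0; i < nrows; i++) x_free(rows[i]);
    x_free(rows);
}

/* Hardened form: every slot is set to NULL before the secondary malloc()
 * sequence starts. The flawed pattern skips that loop, so after a failure
 * free_rows() is handed whatever the heap left in the unfilled slots. */
unsigned char **alloc_rows(size_t nrows, size_t rowbytes) {
    if (nrows == 0 || nrows > (size_t)-1 / sizeof(unsigned char *)) return NULL;
    unsigned char **rows = x_malloc(nrows * sizeof *rows);
    if (!rows) return NULL;
    for (size_t i = 0; i < nrows; i++) rows[i] = NULL;   /* the fix */
    for (size_t i = 0; i < nrows; i++) {
        rows[i] = x_malloc(rowbytes);
        if (!rows[i]) { free_rows(rows, nrows); return NULL; }
    }
    return rows;
}

/* Number of blocks still live after an allocation whose k-th malloc fails
 * (k = -1 means no failure is injected). */
int leak_after_failure(int k, size_t nrows) {
    fail_at = k; calls = 0; live = 0;
    unsigned char **rows = alloc_rows(nrows, 64);
    if (rows) free_rows(rows, nrows);
    return live;
}
```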