Author: rjones Update of /cvs/pkgs/rpms/ocaml-camlimages/devel In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv307 Modified Files: ocaml-camlimages.spec Log Message: - ocaml-camlimages: PNG reader multiple integer overflows (CVE 2009-2295 / RHBZ#509531). Index: ocaml-camlimages.spec =================================================================== RCS file: /cvs/pkgs/rpms/ocaml-camlimages/devel/ocaml-camlimages.spec,v retrieving revision 1.16 retrieving revision 1.17 diff -u -p -r1.16 -r1.17 --- ocaml-camlimages.spec 23 May 2009 09:03:57 -0000 1.16 +++ ocaml-camlimages.spec 3 Jul 2009 13:50:42 -0000 1.17 @@ -4,7 +4,7 @@ Name: ocaml-camlimages Version: 3.0.1 -Release: 8%{?dist} +Release: 9%{?dist} Summary: OCaml image processing library Group: Development/Libraries @@ -17,6 +17,9 @@ ExcludeArch: sparc64 s390 s390x Patch0: camlimages-3.0.1-display-module.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=509531#c4 +Patch1: camlimages-oversized-png-check-CVE-2009-2295.patch + BuildRequires: ocaml >= 3.10.1 BuildRequires: ocaml-lablgtk-devel BuildRequires: ocaml-x11 @@ -63,6 +66,7 @@ Includes documentation provided by ocaml # Gdk.Display submodule clashes with the Display module in # the examples/liv directory, so rename it: %patch0 -p1 +%patch1 -p1 aclocal -I . automake autoconf @@ -108,6 +112,10 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Fri Jul 3 2009 Richard W.M. Jones <rjones@xxxxxxxxxx> - 3.0.1-9 +- ocaml-camlimages: PNG reader multiple integer overflows + (CVE 2009-2295 / RHBZ#509531). + * Sat May 23 2009 Richard W.M. Jones <rjones@xxxxxxxxxx> - 3.0.1-8 - Rebuild for OCaml 3.11.1 _______________________________________________ Fedora-ocaml-list mailing list Fedora-ocaml-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-ocaml-list
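Review bot: In the hunk at @@ -17,6 +17,9 @@, the only documentation for Patch1 is the Bugzilla comment URL on the line above it, so the spec does not say what the patch changes or whether it has gone upstream. Suggest adding a one-line description next to the link, for example that it adds a size check for oversized PNG images for CVE-2009-2295, plus a note on upstream status, so the spec stays readable when the bug tracker is not at hand.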
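Review bot: In the hunk at @@ -63,6 +66,7 @@, the new "%patch1 -p1" sits directly under the two-line comment about the Gdk.Display / Display module clash, which describes only %patch0, so the security patch reads as if it were part of that rename. Suggest a blank line and a short comment of its own above "%patch1 -p1" naming the CVE fix. Keeping it ahead of the aclocal / automake / autoconf calls, as done here, is the right order.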
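Review bot: In the %changelog hunk at @@ -108,6 +112,10 @@, the identifier is written "CVE 2009-2295" with a space, while the patch filename in the same change uses "CVE-2009-2295". Suggest the hyphenated form in the changelog entry (and in the log message) so that a search for the CVE identifier across specs and changelogs finds this release.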