March 2014 - mingw - Fedora Mailing-Lists

[Bug 1074648] New: CVE-2014-2240 mingw-freetype: freetype: OOB stack-based read/write in cf2_hintmap_build() [fedora-20]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1074648 Bug ID: 1074648 Summary: CVE-2014-2240 mingw-freetype: freetype: OOB stack-based read/write in cf2_hintmap_build() [fedora-20] Product: Fedora Version: 20 Component: mingw-freetype Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: rjones(a)redhat.com Reporter: vdanen(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, lfarkas(a)lfarkas.org, rjones(a)redhat.com Blocks: 1074646 (CVE-2014-2240) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available. fedora-20 tracking bug for mingw-freetype: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1074646 [Bug 1074646] CVE-2014-2240 freetype: OOB stack-based read/write in cf2_hintmap_build() -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=zK27i6Rkr1&a=cc_unsubscribe

9 years, 11 months

1
5
0 / 0

[Bug 1074649] New: CVE-2014-2240 mingw-freetype: freetype: OOB stack-based read/write in cf2_hintmap_build() [fedora-19]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1074649 Bug ID: 1074649 Summary: CVE-2014-2240 mingw-freetype: freetype: OOB stack-based read/write in cf2_hintmap_build() [fedora-19] Product: Fedora Version: 19 Component: mingw-freetype Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: rjones(a)redhat.com Reporter: vdanen(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, lfarkas(a)lfarkas.org, rjones(a)redhat.com Blocks: 1074646 (CVE-2014-2240) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available. fedora-19 tracking bug for mingw-freetype: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1074646 [Bug 1074646] CVE-2014-2240 freetype: OOB stack-based read/write in cf2_hintmap_build() -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=WvLZALxG0Q&a=cc_unsubscribe

9 years, 11 months

1
5
0 / 0

[Bug 1043744] New: CVE-2013-6425 mingw-pixman: pixman: integer underflow when handling trapezoids [fedora-all]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1043744 Bug ID: 1043744 Summary: CVE-2013-6425 mingw-pixman: pixman: integer underflow when handling trapezoids [fedora-all] Product: Fedora Version: 19 Component: mingw-pixman Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: rjones(a)redhat.com Reporter: huzaifas(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, lfarkas(a)lfarkas.org, rjones(a)redhat.com Blocks: 1037975 (CVE-2013-6425) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available. Please note: this issue affects multiple supported versions of Fedora. Only one tracking bug has been filed; please ensure that it is only closed when all affected versions are fixed. [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1037975 [Bug 1037975] CVE-2013-6425 pixman: integer underflow when handling trapezoids -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=owlZAibmE1&a=cc_unsubscribe

9 years, 11 months

1
8
0 / 0

[Bug 795426] New: cannot link with _ftime_s

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: cannot link with _ftime_s https://bugzilla.redhat.com/show_bug.cgi?id=795426 Summary: cannot link with _ftime_s Product: Fedora Version: rawhide Platform: Unspecified OS/Version: Unspecified Status: NEW Severity: unspecified Priority: unspecified Component: mingw32-gcc AssignedTo: rjones(a)redhat.com ReportedBy: cfergeau(a)redhat.com QAContact: extras-qa(a)fedoraproject.org CC: rjones(a)redhat.com, kalevlember(a)gmail.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org Classification: Fedora Story Points: --- Type: --- Regression: --- Mount Type: --- Documentation: --- // $ i686-w64-mingw32-gcc -Wimplicit-function-declaration ./ftime.c // // /tmp/ccdYAiqO.o:ftime.c:(.text+0x16): undefined reference to`_imp___ftime_s' // collect2: error: ld returned 1 exit status // // No warning, this means the function is declared in headers (gcc -E shows // it comes from sec_api/sys/timeb_s.h) but it's not available at link time. /* $ rpm -qa mingw32* mingw32-binutils-2.22.51-3.fc17_cross.x86_64 mingw32-gcc-4.7.0-0.3.20120123.fc16_cross.x86_64 mingw32-filesystem-92-1.fc18_cross.noarch mingw32-cpp-4.7.0-0.3.20120123.fc16_cross.x86_64 mingw32-headers-2.0.999-0.1.trunk.20120120.fc17_cross.noarch mingw32-crt-2.0.999-0.3.trunk.20120124.fc17_cross.noarch mingw32-gcc-c++-4.7.0-0.3.20120123.fc16_cross.x86_64 */ #include <stdlib.h> // for NULL #include <sys/timeb.h> int main(int argc, char **argv) { _ftime_s(NULL); return 0; } -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

9 years, 11 months

1
4
0 / 0

[Bug 1056858] New: CVE-2013-6954 mingw-libpng: libpng: unhandled zero-length PLTE chunk or NULL palette [fedora-19]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1056858 Bug ID: 1056858 Summary: CVE-2013-6954 mingw-libpng: libpng: unhandled zero-length PLTE chunk or NULL palette [fedora-19] Product: Fedora Version: 19 Component: mingw-libpng Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: rjones(a)redhat.com Reporter: huzaifas(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, ktietz(a)redhat.com, lfarkas(a)lfarkas.org, rjones(a)redhat.com Blocks: 1045561 (CVE-2013-6954) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available. fedora-19 tracking bug for mingw-libpng: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1045561 [Bug 1045561] CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or NULL palette -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=Un14vuFRae&a=cc_unsubscribe

9 years, 11 months

1
2
0 / 0

[Bug 858073] New: Review Request: mingw-qt5-qtpim - Qt5 for Windows - QtPim component

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=858073 Bug ID: 858073 QA Contact: extras-qa(a)fedoraproject.org Severity: unspecified Version: rawhide Priority: unspecified CC: fedora-mingw(a)lists.fedoraproject.org, notting(a)redhat.com, package-review(a)lists.fedoraproject.org Assignee: nobody(a)fedoraproject.org Summary: Review Request: mingw-qt5-qtpim - Qt5 for Windows - QtPim component Regression: --- Story Points: --- Classification: Fedora OS: Unspecified Reporter: erik-fedora(a)vanpienbroek.nl Type: Bug Documentation: --- Hardware: Unspecified Mount Type: --- Status: NEW Component: Package Review Product: Fedora Spec URL: http://svn.openftd.org/svn/fedora_cross/mingw-qt5-qtpim/mingw-qt5-qtpim.spec SRPM URL: http://ftd4linux.nl/contrib/mingw-qt5-qtpim-5.0.0-0.1.beta1.fc17.src.rpm Fedora Account System Username: epienbro Description: This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler. -- You are receiving this mail because: You are on the CC list for the bug.

9 years, 11 months

1
10
0 / 0

[Bug 858065] New: Review Request: mingw-qt5-qtfeedback - Qt5 for Windows - QtFeedback component

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=858065 Bug ID: 858065 QA Contact: extras-qa(a)fedoraproject.org Severity: unspecified Version: rawhide Priority: unspecified CC: fedora-mingw(a)lists.fedoraproject.org, notting(a)redhat.com, package-review(a)lists.fedoraproject.org Assignee: nobody(a)fedoraproject.org Summary: Review Request: mingw-qt5-qtfeedback - Qt5 for Windows - QtFeedback component Regression: --- Story Points: --- Classification: Fedora OS: Unspecified Reporter: erik-fedora(a)vanpienbroek.nl Type: Bug Documentation: --- Hardware: Unspecified Mount Type: --- Status: NEW Component: Package Review Product: Fedora Spec URL: http://svn.openftd.org/svn/fedora_cross/mingw-qt5-qtfeedback/mingw-qt5-qt... SRPM URL: http://ftd4linux.nl/contrib/mingw-qt5-qtfeedback-5.0.0-0.1.beta1.fc17.src... Fedora Account System Username: epienbro Description: This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler. -- You are receiving this mail because: You are on the CC list for the bug.

9 years, 11 months

1
11
0 / 0

[Bug 1070988] New: CVE-2014-0333 mingw-libpng: libpng: denial of service via png_push_read_chunk() [fedora-20]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1070988 Bug ID: 1070988 Summary: CVE-2014-0333 mingw-libpng: libpng: denial of service via png_push_read_chunk() [fedora-20] Product: Fedora Version: 20 Component: mingw-libpng Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: rjones(a)redhat.com Reporter: vdanen(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, ktietz(a)redhat.com, lfarkas(a)lfarkas.org, rjones(a)redhat.com Blocks: 1070985 (CVE-2014-0333) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available. fedora-20 tracking bug for mingw-libpng: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1070985 [Bug 1070985] CVE-2014-0333 libpng: denial of service via png_push_read_chunk() -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=i3Skr0tvnN&a=cc_unsubscribe

10 years, 1 month

1
5
0 / 0

[Bug 1056859] New: CVE-2013-6954 mingw-libpng: libpng: unhandled zero-length PLTE chunk or NULL palette [fedora-20]

by Red Hat Bugzilla

https://bugzilla.redhat.com/show_bug.cgi?id=1056859 Bug ID: 1056859 Summary: CVE-2013-6954 mingw-libpng: libpng: unhandled zero-length PLTE chunk or NULL palette [fedora-20] Product: Fedora Version: 20 Component: mingw-libpng Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: rjones(a)redhat.com Reporter: huzaifas(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: drizt(a)land.ru, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, ktietz(a)redhat.com, lfarkas(a)lfarkas.org, rjones(a)redhat.com Blocks: 1045561 (CVE-2013-6954) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available. fedora-20 tracking bug for mingw-libpng: see blocks bug list for full details of the security issue(s). [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1045561 [Bug 1045561] CVE-2013-6954 libpng: unhandled zero-length PLTE chunk or NULL palette -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=k5oYmvG6z0&a=cc_unsubscribe

10 years, 1 month

1
5
0 / 0

Version Discrepancy Report

by Michael Cronenworth

------------------------------------------ MinGW/native package version discrepancies ------------------------------------------ Fedora N Matches Found: 40 Fedora Rawhide Matches Found: 40 +---------------------------------------------+ | f20 | rawhide | owner | +-------------------------------+---------------+---------------+-------------+ | cairo | 1.13.1 | 1.13.1 | | | mingw-cairo | 1.12.16 | 1.12.16 | rjones | +-------------------------------+---------------+---------------+-------------+ | curl | 7.32.0 | 7.36.0 | | | mingw-curl | 7.33.0 | 7.33.0 | epienbro | +-------------------------------+---------------+---------------+-------------+ | cxxtest | 4.3 | 4.3 | | | mingw-cxxtest | 3.10.1 | 3.10.1 | astokes | +-------------------------------+---------------+---------------+-------------+ | dbus | | 1.6.18 | | | mingw-dbus | | 1.6.12 | ivanromanov | +-------------------------------+---------------+---------------+-------------+ | fftw | 3.3.4 | 3.3.4 | | | mingw-fftw | 3.3.3 | 3.3.3 | sailer | +-------------------------------+---------------+---------------+-------------+ | fontconfig | | 2.11.1 | | | mingw-fontconfig | | 2.11.0 | rjones | +-------------------------------+---------------+---------------+-------------+ | freeimage | 3.10.0 | 3.10.0 | | | mingw-freeimage | 3.15.4 | 3.15.4 | smani | +-------------------------------+---------------+---------------+-------------+ | freetype | 2.5.0 | 2.5.3 | | | mingw-freetype | 2.5.0.1 | 2.5.0.1 | rjones | +-------------------------------+---------------+---------------+-------------+ | gdbm | | 1.11 | | | mingw-gdbm | | 1.10 | rjones | +-------------------------------+---------------+---------------+-------------+ | giflib | 4.1.6 | 4.1.6 | | | mingw-giflib | 5.0.5 | 5.0.5 | smani | +-------------------------------+---------------+---------------+-------------+ | glib-networking | | 2.40.0 | | | mingw-glib-networking | | 2.38.2 | kalev | +-------------------------------+---------------+---------------+-------------+ | glibmm24 | | 2.39.92 | | | mingw-glibmm24 | | 2.39.91 | sailer | +-------------------------------+---------------+---------------+-------------+ | gstreamer1 | 1.2.3 | 1.2.3 | | | mingw-gstreamer1 | 1.2.1 | 1.2.1 | pfor | +-------------------------------+---------------+---------------+-------------+ | gstreamer1-plugins-base | 1.2.3 | 1.2.3 | | | mingw-gstreamer1-plugins-base | 1.2.1 | 1.2.1 | pfor | +-------------------------------+---------------+---------------+-------------+ | gtkhtml3 | | 4.8.0 | | | mingw-gtkhtml3 | | 4.6.6 | epienbro | +-------------------------------+---------------+---------------+-------------+ | gtkmm30 | 3.10.1 | 3.11.9 | | | mingw-gtkmm30 | 3.8.1 | 3.8.1 | kalev | +-------------------------------+---------------+---------------+-------------+ | gtksourceview3 | 3.10.2 | 3.12.0 | | | mingw-gtksourceview3 | 3.8.1 | 3.9.91 | kalev | +-------------------------------+---------------+---------------+-------------+ | icu | | 52.1 | | | mingw-icu | | 50.1.2 | pfor | +-------------------------------+---------------+---------------+-------------+ | libgcrypt | | 1.6.1 | | | mingw-libgcrypt | | 1.5.3 | rjones | +-------------------------------+---------------+---------------+-------------+ | libgeotiff | 1.2.5 | 1.2.5 | | | mingw-libgeotiff | 1.4.0 | 1.4.0 | smani | +-------------------------------+---------------+---------------+-------------+ | libosinfo | 0.2.9 | 0.2.9 | | | mingw-libosinfo | 0.2.8 | 0.2.8 | berrange | +-------------------------------+---------------+---------------+-------------+ | libpng | 1.6.3 | 1.6.8 | | | mingw-libpng | 1.6.10 | 1.6.10 | rjones | +-------------------------------+---------------+---------------+-------------+ | libsigsegv | 2.10 | 2.10 | | | mingw-libsigsegv | 2.6 | 2.6 | bonzini | +-------------------------------+---------------+---------------+-------------+ | libsoup | | 2.46.0 | | | mingw-libsoup | | 2.44.2 | epienbro | +-------------------------------+---------------+---------------+-------------+ | libtasn1 | | 3.4 | | | mingw-libtasn1 | | 3.3 | kalev | +-------------------------------+---------------+---------------+-------------+ | libusbx | 1.0.18 | 1.0.18 | | | mingw-libusbx | 1.0.15 | 1.0.15 | elmarco | +-------------------------------+---------------+---------------+-------------+ | libvirt | 1.1.3.4 | 1.2.2 | | | mingw-libvirt | 1.1.3.1 | 1.2.0 | berrange | +-------------------------------+---------------+---------------+-------------+ | libvorbis | 1.3.4 | 1.3.4 | | | mingw-libvorbis | 1.3.3 | 1.3.3 | kalev | +-------------------------------+---------------+---------------+-------------+ | libwebp | 0.3.1 | 0.4.0 | | | mingw-libwebp | 0.2.1 | 0.2.1 | pfor | +-------------------------------+---------------+---------------+-------------+ | llvm | 3.3 | 3.4 | | | mingw-llvm | 3.0 | 3.0 | brouhaha | +-------------------------------+---------------+---------------+-------------+ | orc | 0.4.18 | 0.4.18 | | | mingw-orc | 0.4.16 | 0.4.16 | elmarco | +-------------------------------+---------------+---------------+-------------+ | pcre | | 8.35 | | | mingw-pcre | | 8.34 | astokes | +-------------------------------+---------------+---------------+-------------+ | polyclipping | | 6.1.3a | | | mingw-polyclipping | | 5.1.6 | sailer | +-------------------------------+---------------+---------------+-------------+ | poppler | 0.24.3 | 0.24.3 | | | mingw-poppler | 0.24.5 | 0.24.5 | smani | +-------------------------------+---------------+---------------+-------------+ | qpid-cpp | 0.24 | 0.26 | | | mingw-qpid-cpp | 0.14 | 0.14 | beekhof | +-------------------------------+---------------+---------------+-------------+ | shapelib | 1.3.0f | 1.3.0f | | | mingw-shapelib | 1.3.0 | 1.3.0 | smani | +-------------------------------+---------------+---------------+-------------+ | spice-protocol | 0.12.6 | 0.12.6 | | | mingw-spice-protocol | 0.12.4 | 0.12.4 | kraxel | +-------------------------------+---------------+---------------+-------------+ | sqlite | 3.8.4.2 | 3.8.4.2 | | | mingw-sqlite | 3.8.2 | 3.8.2 | rjones | +-------------------------------+---------------+---------------+-------------+ | tk | 8.5.14 | 8.5.15 | | | mingw-tk | 8.5.13 | 8.5.13 | roma | +-------------------------------+---------------+---------------+-------------+ | webkitgtk3 | | 2.4.0 | | | mingw-webkitgtk3 | | 2.2.6 | kalev | +-------------------------------+---------------+---------------+-------------+

10 years, 1 month

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

mingw March 2014