mingw June 2010

mingw@lists.fedoraproject.org

3 participants
48 discussions

[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images
by Red Hat Bugzilla 29 Jun '10

29 Jun '10

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=608644 --- Comment #10 from Glenn Randers-Pehrson <glennrp+bmo(a)gmail.com> 2010-06-29 13:34:14 EDT --- (In reply to comment #9) > This also looks like it would affect libpng10, looking quickly at the code. Yes, it does. Upstream has declared end-of-life for libpng10 and does not plan any more updates, even for security, as announced back in February. If that is a hardship, you can complain to png-mng-implemement at lists.sf.net, explain why you still need libpng10, and we might revisit the decision. We also plan to abandon libpng12 at the end of 2010. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 0

[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images
by Red Hat Bugzilla 29 Jun '10

29 Jun '10

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=608644 --- Comment #9 from Vincent Danen <vdanen(a)redhat.com> 2010-06-29 13:22:13 EDT --- This also looks like it would affect libpng10, looking quickly at the code. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 0

[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images
by Red Hat Bugzilla 29 Jun '10

29 Jun '10

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=608644 Vincent Danen <vdanen(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |vdanen(a)redhat.com --- Comment #8 from Vincent Danen <vdanen(a)redhat.com> 2010-06-29 13:11:28 EDT --- Looks like this is the upstream commit to fix this issue: http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdi… -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 0

[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images
by Red Hat Bugzilla 29 Jun '10

29 Jun '10

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=608644 --- Comment #7 from Jan Lieskovsky <jlieskov(a)redhat.com> 2010-06-29 10:45:32 EDT --- Created mingw32-libpng tracking bugs for this issue Affects: fedora-all [bug 609162] -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 0

[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images
by Red Hat Bugzilla 29 Jun '10

29 Jun '10

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=608644 --- Comment #6 from Jan Lieskovsky <jlieskov(a)redhat.com> 2010-06-29 10:45:28 EDT --- Created libpng tracking bugs for this issue Affects: fedora-all [bug 609161] -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 0

[Bug 608644] CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images
by Red Hat Bugzilla 29 Jun '10

29 Jun '10

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=608644 Jan Lieskovsky <jlieskov(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|libpng: Memory leak when |CVE-2010-2249 libpng: |processing Physical Scale |Memory leak when processing |(sCAL) images |Physical Scale (sCAL) | |images Alias| |CVE-2010-2249 --- Comment #4 from Jan Lieskovsky <jlieskov(a)redhat.com> 2010-06-29 10:30:31 EDT --- CVE identifier of CVE-2010-2249 has been assigned to this. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 0

[Bug 608644] libpng: Memory leak when processing Physical Scale (sCAL) images
by Red Hat Bugzilla 28 Jun '10

28 Jun '10

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=608644 Glenn Randers-Pehrson <glennrp+bmo(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |glennrp+bmo(a)gmail.com --- Comment #3 from Glenn Randers-Pehrson <glennrp+bmo(a)gmail.com> 2010-06-28 12:11:22 EDT --- A defense for applications that don't need or want the sCAL chunk is to use the png_set_keep_unknown_chunks() mechanism to ignore it. See Mozilla's libpr0n/decoders/png or ImageMagick and GraphicsMagick's coders/png.c, and pngcrush for examples of this. It's a good idea for applications to do this because it reduces resources consumed in reading a PNG, and it reduces their attack surface by making the application invulnerable to future vulnerabilities in known but unused chunks such as sCAL. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 0

[Bug 510368] MinGW: Cannot compile with debug versions of Qt libs with qmake
by Red Hat Bugzilla 28 Jun '10

28 Jun '10

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=510368 Bug Zapper <fedora-triage-list(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution| |WONTFIX --- Comment #5 from Bug Zapper <fedora-triage-list(a)redhat.com> 2010-06-28 09:31:40 EDT --- Fedora 11 changed to end-of-life (EOL) status on 2010-06-25. Fedora 11 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. Thank you for reporting this bug and we are sorry it could not be fixed. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 0

[Bug 608644] libpng: Memory leak when processing Physical Scale (sCAL) images
by Red Hat Bugzilla 28 Jun '10

28 Jun '10

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=608644 --- Comment #2 from Tomas Hoger <thoger(a)redhat.com> 2010-06-28 07:46:27 EDT --- *** Bug 608642 has been marked as a duplicate of this bug. *** -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 0

[Bug 608644] libpng: Memory leak when processing Physical Scale (sCAL) images
by Red Hat Bugzilla 28 Jun '10

28 Jun '10

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

mingw June 2010