mingw March 2016

mingw@lists.fedoraproject.org

2 participants
45 discussions

[Bug 914790] Review Request: mingw-libcacard - CAC (Common Access Card) library
by Red Hat Bugzilla 19 Mar '16

19 Mar '16

https://bugzilla.redhat.com/show_bug.cgi?id=914790 Bug 914790 depends on bug 914788, which changed state. Bug 914788 Summary: Review Request: mingw-libtool - The GNU Portable Library Tool for MinGW https://bugzilla.redhat.com/show_bug.cgi?id=914788 What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |WONTFIX -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 914788] Review Request: mingw-libtool - The GNU Portable Library Tool for MinGW
by Red Hat Bugzilla 19 Mar '16

19 Mar '16

https://bugzilla.redhat.com/show_bug.cgi?id=914788 Marc-Andre Lureau <marcandre.lureau(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |WONTFIX Last Closed| |2016-03-19 19:57:11 --- Comment #6 from Marc-Andre Lureau <marcandre.lureau(a)redhat.com> --- I no longer need it, now that libcacard has been moved to a separate package. Feel free to reopen whoever want it. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 914788] Review Request: mingw-libtool - The GNU Portable Library Tool for MinGW
by Red Hat Bugzilla 19 Mar '16

19 Mar '16

https://bugzilla.redhat.com/show_bug.cgi?id=914788 --- Comment #5 from František Dvořák <valtri(a)civ.zcu.cz> --- This review is probably stalled and can be closed within week according to https://fedoraproject.org/wiki/Policy_for_stalled_package_reviews . -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 954148] Review Request: mingw-enet - Thin, simple and robust network layer on top of UDP
by Red Hat Bugzilla 19 Mar '16

19 Mar '16

https://bugzilla.redhat.com/show_bug.cgi?id=954148 --- Comment #2 from František Dvořák <valtri(a)civ.zcu.cz> --- This review looks like stalled and can be closed within week according to https://fedoraproject.org/wiki/Policy_for_stalled_package_reviews . -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1318978] New: CVE-2016-3190 mingw-cairo: cairo: out of bounds read in fill_xrgb32_lerp_opaque_spans [epel-7]
by Red Hat Bugzilla 18 Mar '16

18 Mar '16

https://bugzilla.redhat.com/show_bug.cgi?id=1318978 Bug ID: 1318978 Summary: CVE-2016-3190 mingw-cairo: cairo: out of bounds read in fill_xrgb32_lerp_opaque_spans [epel-7] Product: Fedora EPEL Version: epel7 Component: mingw-cairo Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: rjones(a)redhat.com Reporter: anemec(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, marcandre.lureau(a)redhat.com, rjones(a)redhat.com, t.sailer(a)alumni.ethz.ch Blocks: 1318977 (CVE-2016-3190) This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora EPEL. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1318977 [Bug 1318977] CVE-2016-3190 cairo: out of bounds read in fill_xrgb32_lerp_opaque_spans -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1318977] New: CVE-2016-3190 cairo: out of bounds read in fill_xrgb32_lerp_opaque_spans
by Red Hat Bugzilla 18 Mar '16

18 Mar '16

https://bugzilla.redhat.com/show_bug.cgi?id=1318977 Bug ID: 1318977 Summary: CVE-2016-3190 cairo: out of bounds read in fill_xrgb32_lerp_opaque_spans Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: anemec(a)redhat.com CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, marcandre.lureau(a)redhat.com, otte(a)redhat.com, rjones(a)redhat.com, t.sailer(a)alumni.ethz.ch A vulnerability was found in cairo. A maliciously crafted file can cause out of bounds read in fill_xrgb32_lerp_opaque_spans function in cairo, thus crashing the software. Upstream fix: https://cgit.freedesktop.org/cairo/patch/src/cairo-image-compositor.c?id=5c… References: http://seclists.org/oss-sec/2016/q1/675 External references: https://mail.gnome.org/archives/gnome-announce-list/2015-March/msg00047.html -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1175542] New: Building NASM with mingw-gcc fails in a strange manner
by Red Hat Bugzilla 17 Mar '16

17 Mar '16

https://bugzilla.redhat.com/show_bug.cgi?id=1175542 Bug ID: 1175542 Summary: Building NASM with mingw-gcc fails in a strange manner Product: Fedora Version: 20 Component: mingw32-gcc Assignee: rjones(a)redhat.com Reporter: hpa(a)zytor.com QA Contact: extras-qa(a)fedoraproject.org CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, kalevlember(a)gmail.com, rjones(a)redhat.com Description of problem: Building NASM 2.11.07 (or from git) with i686-w63-mingw32 fails with a bunch of duplicate symbol errors. Removing -std=c99 from the command line seems to make it work, but I have not been able to reduce it to a smaller example. Version-Release number of selected component (if applicable): mingw32-gcc-4.8.3-1.fc20.x86_64 How reproducible: 100% Steps to Reproduce: 1. Get NASM 2.11.07 source code. 2. ./autogen.sh 3. ./configure --host=i686-w64-mingw32 4. make Actual results: Build failure with a bunch of strange symbol errors. Expected results: Executables produced. Additional info: -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=NINW6IoVUD&a=cc_unsubscribe

1 5

[Bug 1312782] New: pcre: Heap buffer overflow in pcretest causing infinite loop
by Red Hat Bugzilla 17 Mar '16

17 Mar '16

https://bugzilla.redhat.com/show_bug.cgi?id=1312782 Bug ID: 1312782 Summary: pcre: Heap buffer overflow in pcretest causing infinite loop Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: amaris(a)redhat.com CC: adam.stokes(a)gmail.com, andrew(a)beekhof.net, csutherl(a)redhat.com, databases-maint(a)redhat.com, dknox(a)redhat.com, erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, fidencio(a)redhat.com, jclere(a)redhat.com, jdornak(a)redhat.com, jdoyle(a)redhat.com, jgrulich(a)redhat.com, jorton(a)redhat.com, klember(a)redhat.com, lgao(a)redhat.com, lkundrak(a)v3.sk, marcandre.lureau(a)redhat.com, mbabacek(a)redhat.com, mclasen(a)redhat.com, mmaslano(a)redhat.com, myarboro(a)redhat.com, pmyers(a)valanet.net, ppisar(a)redhat.com, pslavice(a)redhat.com, rcollet(a)redhat.com, rjones(a)redhat.com, rmeggins(a)redhat.com, rsvoboda(a)redhat.com, t.sailer(a)alumni.ethz.ch, twalsh(a)redhat.com, walters(a)redhat.com, webstack-team(a)redhat.com, weli(a)redhat.com Heap-based buffer overread caused by specially crafted input triggering infinite loop in pcretest.c was found affecting pcre 8.38. pcretest went into loop if global matching was requested with an ovector size less than 2. Upstream bug: https://bugs.exim.org/show_bug.cgi?id=1777 Upstream patch: http://vcs.pcre.org/pcre?view=revision&revision=1637 CVE request: http://seclists.org/oss-sec/2016/q1/460 -- You are receiving this mail because: You are on the CC list for the bug.

1 16

[Bug 1312794] New: mingw-glib2: pcre: Heap buffer overflow in pcretest causing infinite loop [epel-7]
by Red Hat Bugzilla 17 Mar '16

17 Mar '16

https://bugzilla.redhat.com/show_bug.cgi?id=1312794 Bug ID: 1312794 Summary: mingw-glib2: pcre: Heap buffer overflow in pcretest causing infinite loop [epel-7] Product: Fedora EPEL Version: epel7 Component: mingw-glib2 Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: erik-fedora(a)vanpienbroek.nl Reporter: amaris(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, marcandre.lureau(a)redhat.com, rjones(a)redhat.com, t.sailer(a)alumni.ethz.ch Blocks: 1312782 This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora EPEL. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1312782 [Bug 1312782] pcre: Heap buffer overflow in pcretest causing infinite loop -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1312791] New: mingw-glib2: pcre: Heap buffer overflow in pcretest causing infinite loop [fedora-all]
by Red Hat Bugzilla 17 Mar '16

17 Mar '16

https://bugzilla.redhat.com/show_bug.cgi?id=1312791 Bug ID: 1312791 Summary: mingw-glib2: pcre: Heap buffer overflow in pcretest causing infinite loop [fedora-all] Product: Fedora Version: 23 Component: mingw-glib2 Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: erik-fedora(a)vanpienbroek.nl Reporter: amaris(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: erik-fedora(a)vanpienbroek.nl, fedora-mingw(a)lists.fedoraproject.org, fidencio(a)redhat.com, klember(a)redhat.com, marcandre.lureau(a)redhat.com, rjones(a)redhat.com, t.sailer(a)alumni.ethz.ch Blocks: 1312782 This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora. For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs. Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message. NOTE: this issue affects multiple supported versions of Fedora. While only one tracking bug has been filed, please correct all affected versions at the same time. If you need to fix the versions independent of each other, you may clone this bug as appropriate. [bug automatically created by: add-tracking-bugs] Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1312782 [Bug 1312782] pcre: Heap buffer overflow in pcretest causing infinite loop -- You are receiving this mail because: You are on the CC list for the bug.

1 2

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

mingw March 2016