cvs commit: ports/emulators/linux_base-suse-9.3 Makefile distinfo ports/emulators/linux_base-suse-9.3/files rpmlist.conf

Trevor Johnson trevor at FreeBSD.org
Thu Aug 31 06:12:59 UTC 2006 

trevor      2006-08-31 06:12:59 UTC

  FreeBSD ports repository

  Modified files:
    emulators/linux_base-suse-9.3 Makefile distinfo 
    emulators/linux_base-suse-9.3/files rpmlist.conf 
  Log:
  Use updated RPMs (all descriptions are taken verbatim from the INDEX
  file provided by Novell):
  
  glibc-2.3.4-23.4
   This update fixes a problem when debugging threaded programs using gdb.
   The symptom would be that 'info threads' returns empty in every case.
   Everyone who debugs should update.
  
  coreutils-5.3.0-10.2
   Fix a bug in the cp and mv utilities that cause them to terminate with
   a segmentation fault when copying extended attributes fails.
  
  libtiff-3.7.1-7.8,
   This update of libtiff is the result of a source-code audit done by
   Tavis Ormandy. It fixes various bugs that can lead to denial-of-service
   conditions as well as to remote code execution while parsing a tiff image.
   (CVE-2006-3459, CVE-2006-3460, CVE-2006-3461, CVE-2006-3462, CVE-2006-3463,
   CVE-2006-3464, CVE-2006-3465)
  
  giflib-4.1.3-5.2
   This update fixes the following security issues:
  
   - specially crafted GIF files could crash applications
     (CVE-2005-2974).
  
   - specially crafted GIF files could overwrite memory which
     potentially allowed to execute arbitrary code (CVE-2005-3350).
  
  freetype2-2.1.9-4.4
   This security update fixes crashes in the PCF handling of freetype2
   which might be used to crash freetype2 using applications or even
   to execude code in them.
  
   This issue is tracked by the Mitre CVE ID CVE-2006-3467.
  
  gtk2-2.6.4-6.3
   This update fixes the following security problem: a heap overflow in the XPM
   reader allowed attackers to execute arbitrary code via specially crafted XPM
   images (CVE-2005-3186, CVE-2005-2976).
  
  kdelibs3-3.4.0-20.10
   This update contain a fix for kdelibs3.
   The package contained libraries or applications having an internal empty
   rpath / runpath.  This problem leads to programs searching shared libaries
   in the current directory.
  
  arts-1.4.0-10.2
   The KDE soundserver aRts lacked checks around some setuid() calls.  This
   could potentially be used by a local attacker to gain root
   privileges. (CVE-2006-2916)
  
  Add linux_base-8 to CONFLICTS.
  
  Set PORTREVISION to 4.
  
  Remove deprecation.
  
  Revision  Changes    Path
  1.100     +4 -7      ports/emulators/linux_base-suse-9.3/Makefile
  1.28      +24 -24    ports/emulators/linux_base-suse-9.3/distinfo
  1.6       +8 -8      ports/emulators/linux_base-suse-9.3/files/rpmlist.conf

More information about the cvs-all mailing list