Now
MAIN commitmail json YAML
pkgsrc/graphics/jbigkit/Makefile@1.6
/
diff
pkgsrc/graphics/jbigkit/distinfo@1.5 / diff
pkgsrc/graphics/jbigkit/patches/patch-Makefile@1.2 / diff
pkgsrc/graphics/jbigkit/patches/patch-aa@1.4 / diff
pkgsrc/graphics/jbigkit/patches/patch-ab@1.5 / diff
pkgsrc/graphics/jbigkit/distinfo@1.5 / diff
pkgsrc/graphics/jbigkit/patches/patch-Makefile@1.2 / diff
pkgsrc/graphics/jbigkit/patches/patch-aa@1.4 / diff
pkgsrc/graphics/jbigkit/patches/patch-ab@1.5 / diff
Update jbigkit to 2.1.
Changes in version 2.1 (2014-04-08)
This is a security-critical bug-fix release that remains API and ABI
backwards compatible to version 2.0. Users who process BIE data from
untrusted sources should upgrade.
- fixed a buffer-overflow vulnerability in the jbig.c decoder,
reported by Florian Weimer (Red Hat): CVE-2013-6369
- fixed ability of corrupted input data to force jbig85.c decoder
into an end-less loop
- fixed a bug in the processing of private deterministic-prediction
tables (DPPRIV=1) in jbig.c decoder
- fixed integer-type mismatches in printf arguments on 64-bit systems
- fuzz-testing script added
Changes in version 2.1 (2014-04-08)
This is a security-critical bug-fix release that remains API and ABI
backwards compatible to version 2.0. Users who process BIE data from
untrusted sources should upgrade.
- fixed a buffer-overflow vulnerability in the jbig.c decoder,
reported by Florian Weimer (Red Hat): CVE-2013-6369
- fixed ability of corrupted input data to force jbig85.c decoder
into an end-less loop
- fixed a bug in the processing of private deterministic-prediction
tables (DPPRIV=1) in jbig.c decoder
- fixed integer-type mismatches in printf arguments on 64-bit systems
- fuzz-testing script added