SPECS: ImageMagick.spec - many CVE references

qboosh qboosh at pld-linux.org
Thu Nov 1 14:19:54 CET 2007


Author: qboosh                       Date: Thu Nov  1 13:19:54 2007 GMT
Module: SPECS                         Tag: HEAD
---- Log message:
- many CVE references

---- Files affected:
SPECS:
   ImageMagick.spec (1.256 -> 1.257) 

---- Diffs:

================================================================
Index: SPECS/ImageMagick.spec
diff -u SPECS/ImageMagick.spec:1.256 SPECS/ImageMagick.spec:1.257
--- SPECS/ImageMagick.spec:1.256	Wed Oct 31 22:08:02 2007
+++ SPECS/ImageMagick.spec	Thu Nov  1 14:19:49 2007
@@ -1029,6 +1029,9 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.257  2007/11/01 13:19:49  qboosh
+- many CVE references
+
 Revision 1.256  2007/10/31 21:08:02  arekm
 - up to 6.3.6.4
 
@@ -1036,6 +1039,7 @@
 - up to 6.3.5-9
 - added ipl, dng and exr coders
 - updated BRs
+[fixes CVE-2007-1667 CVE-2007-1797 CVE-2007-4985 CVE-2007-4986 CVE-2007-4987 CVE-2007-4988]
 
 Revision 1.254  2007/05/13 09:38:21  qboosh
 - merged from AC-branch: moved documentation to -doc, fix paths in manpages
@@ -1060,7 +1064,7 @@
 - package djvu coder
 
 Revision 1.248  2007/02/24 14:06:51  arekm
-- up to 6.3.2.8
+- up to 6.3.2.8 [fixes CVE-2007-0770]
 
 Revision 1.247  2007/02/12 21:16:17  glen
 - tabs in preamle
@@ -1091,7 +1095,8 @@
 - rel 2: %{perl_vendorarch}/Image and %{perl_vendorarch}/auto/Image provided by perl-dirs
 
 Revision 1.238  2006/08/21 09:01:41  havner
-- 6.2.9-1 (http://securitytracker.com/id?1016699) [CVE-2006-4144]
+- 6.2.9-1 (http://securitytracker.com/id?1016699)
+[fixes CVE-2006-3743 CVE-2006-3744 CVE-2006-4144 CVE-2006-5868]
 
 Revision 1.237  2006/08/19 10:07:46  qboosh
 - filterout needs rpm.macros >= 1.315
@@ -1103,7 +1108,7 @@
 - -ac and -link patches updated. release 4.
 
 Revision 1.234  2006/04/15 22:03:32  hawk
-- updated to 6.2.6-8
+- updated to 6.2.6-8 [fixes CVE-2006-2440]
 
 Revision 1.233  2006/03/15 19:07:51  qboosh
 - added link patch to remove unnecessary libXt and libSM deps
@@ -1132,7 +1137,7 @@
 - modular xorg deps
 
 Revision 1.225  2006/01/26 16:44:01  wrobell
-- ver. 6.2.6.0
+- ver. 6.2.6.0 [fixes CVE-2005-4601 CVE-2006-0082]
 
 Revision 1.224  2006/01/23 15:08:55  qboosh
 - current policy is not to R: pkgconfig just because package has pkgconfig support
@@ -1173,7 +1178,7 @@
 - STBR
 
 Revision 1.212  2005/06/20 17:40:43  saq
-- up to 6.2.3-2
+- up to 6.2.3-2 [fixes CVE-2005-1275 CVE-2005-1739]
 
 Revision 1.211  2005/05/21 16:08:00  glen
 - TODO security
@@ -1201,6 +1206,7 @@
 - update to version 6.2.0-4
 - this version resolves security problem (for details see
   http://www.k-otik.com/english/advisories/2005/0227)
+[CVE-2005-0397]
 
 Revision 1.203  2005/02/02 21:08:43  adgor
 - Removed fpx.c.patch
@@ -1223,7 +1229,7 @@
 - updated to 6.1.8-5
 
 Revision 1.197  2005/01/07 13:36:43  hawk
-- updated to 6.1.8-0
+- updated to 6.1.8-0 [fixes CVE-2005-0761]
 
 Revision 1.196  2005/01/06 20:47:16  qboosh
 - 6.1.7-5 no longer exists on given site, so point up: 6.1.7-6
@@ -1254,7 +1260,7 @@
 - oh well, 6.1.0-9
 
 Revision 1.187  2004/10/13 18:10:33  hawk
-- updated to 6.1.0-8
+- updated to 6.1.0-8 [fixes CVE-2004-0981]
 - libpath and system-libltdl patches seems to be obsolete now
 - user guide is no longer included in package, doc subpackage removed
 - builds but not tested
@@ -1267,7 +1273,7 @@
 - updated to 6.0.7-1
 
 Revision 1.184  2004/08/30 11:26:44  hawk
-- updated to 6.0.6-2
+- updated to 6.0.6-2 [fixes CVE-2004-0827]
 
 Revision 1.183  2004/08/28 10:35:41  undefine
 - R: (for ImageMagick-deve)
@@ -1332,6 +1338,7 @@
 Revision 1.165  2004/04/25 12:20:20  qboosh
 - updated to 6.0.0-2, removed obsolete magickpp-version patch
 - strict internal deps, separated new dot coder (uses graphviz libs)
+[fixes CVE-2005-0759 CVE-2005-0760 CVE-2005-0762]
 
 Revision 1.164  2004/04/12 22:33:15  pbern
 - add BR: txt2html
@@ -1438,7 +1445,7 @@
 - updated to 5.5.4-2
 
 Revision 1.133  2003/01/30 11:12:47  wiget
-- updated to 5.5.4-1
+- updated to 5.5.4-1 [fixes CVE-2003-0555]
 
 Revision 1.132  2003/01/06 13:45:49  ankry
 - fixed %pver: updated to 5.5.3-2
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SPECS/ImageMagick.spec?r1=1.256&r2=1.257&f=u



More information about the pld-cvs-commit mailing list