Описание
ELSA-2020-1037: advancecomp security update (MODERATE)
[1.15-22]
- Resolves: #1686115, integer overflow in png_compress
[1.15-21]
- Resolves: #1711051, CVE-2019-8383 denial of service
- Resolves: #1710910, CVE-2019-8379 null pointer dereference
[1.15-20]
- Mass rebuild 2014-01-24
[1.15-19]
- Mass rebuild 2013-12-27
[1.15-18]
[1.15-17]
[1.15-16]
- Add disttag, modernise spec file
[1.15-15]
- Rebuilt for c++ ABI breakage
[1.15-14]
[1.15-13]
[1.15-12]
[1.15-11]
[1.15-10]
- Autorebuild for GCC 4.3
[1.15-9]
- Rebuild for new BuildID feature.
[1.15-8]
- Update License field.
- Remove dist tag, since the package will seldom change.
[1.15-7]
- Switch to using DESTDIR install method.
[1.15-6]
- Switch to use downloads.sf.net source URL.
- Tweak defattr.
[1.15-5]
- FC6 rebuild, remove gcc-c++ build requirement (its a default).
[1.15-4]
- FC5 rebuild.
[1.15-3]
- Rebuild for new gcc/glibc.
[1.15-2]
- Rebuild for FC5.
[1.15-1]
- Update to 1.15, includes 64bit fixes.
[1.14-5]
- Update 64bit patch to a cleaner approach as Ralf suggested.
[1.14-4]
- fix build on 64bit arches
[1.14-3]
- rebuild on all arches
[1.14-2]
- rebuilt
[1.14-1]
- Update to 1.14.
[1.13-1]
- Update to 1.13.
[1.12-1]
- Update to 1.12.
[1.11-1]
- Update to 1.11.
[1.10-1]
- Update to 1.10.
[1.7-2]
- Rebuild for Fedora Core 1.
- Added missing build dependencies, thanks to mach.
- Tue Aug 26 2003 Matthias Saou http://freshrpms.net/
- Update to 1.7.
- Thu May 22 2003 Matthias Saou http://freshrpms.net/
- Initial RPM release.
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
advancecomp
1.15-22.el7
Oracle Linux x86_64
advancecomp
1.15-22.el7
Связанные CVE
Связанные уязвимости
In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.)
In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.)
In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.)
In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer ...