- Mon Nov 14 2016 ns80 <ns80> 4.0.6-1.6.mga5
+ Revision: 1067195
- update to latest CVS commit to fix CVE-2016-9273 and CVE-2016-9297 (mga#19758)
- update to 2016-10-26 CVS commit to fix:
* an out-of-bound read of up to 3 bytes in readContigTilesIntoBuffer()
* an out-of-bound read on some tiled images
* CVE-2014-8127 (duplicate: CVE-2016-3658)
* segfault when specifying -r without argument (fax2tiff)
- update to 2016-10-09 CVS commit for CVE-2016-5652 and 3 other security issues (mga#17480)
- address a long list of CVEs (mga#17480):
* update to latest CVS commit for CVE-2015-8668, CVE-2016-3186 (gif2tiff
tool is not provided anymore), CVE-2016-3622, CVE-2016-3623, CVE-2016-3632,
CVE-2016-3945, CVE-2016-3990, CVE-2016-3991, CVE-2016-5314, CVE-2016-5315,
CVE-2016-5316, CVE-2016-5317, CVE-2016-5320, CVE-2016-5321, CVE-2016-5322,
CVE-2016-5323, CVE-2016-5875, CVE-2016-6223
* add a patch from Redhat for CVE-2015-7554 (partial solution, it seems)
- some programs are not provided anymore (package libtiff-progs): bmp2tiff,
gif2tiff, ras2tiff, rgb2ycbcr and thumbnail
+ luigiwalser
- add patch suggested upstream (maptools#2499)
- fixes remaining CVE-2014-8128 issue unfixed upstream
- sync with upstream cvs 20151227, fixes mga#15519, CVE-2015-8665, CVE-2015-8683
- 4.0.6
- 4.0.5
- 4.0.4 (final)
- remove opensuse patches (security issues they fixed and regressions they
caused were fixed upstream) - Wed Mar 18 2015 luigiwalser <luigiwalser> 4.0.4-0.1.mga5
+ Revision: 818759
- 4.0.4beta (fully fixes CVE-2014-8127)
- remove upstream patches - Mon Mar 9 2015 luigiwalser <luigiwalser> 4.0.3-11.mga5
+ Revision: 818271
- add patches from OpenSuSE to fix:
- CVE-2014-812[7-9], CVE-2014-8130, CVE-2014-9655, and CVE-2015-1547 - Wed Oct 15 2014 umeabot <umeabot> 4.0.3-10.mga5
+ Revision: 742880
- Second Mageia 5 Mass Rebuild - Tue Sep 16 2014 umeabot <umeabot> 4.0.3-9.mga5
+ Revision: 681812
- Mageia 5 Mass Rebuild