Bugs fixed:
341327 Memory corruption inside glib
337491 _gdk_win32_drawable_release_dc: DeleteDC()
called on a GetDC() handle
343425 "grab-notify"-signal is not correctly propagated
for internal children
344244 Window resizing not working when keeping the
aspect fixed
344496 CRLF converting via Clipboard
Sync PLIST with gettext while I'm here.
testing & ok steven@
CVE-2005-3186: Add check to XPM reader to prevent integer overflow for
specially crafted number of colors.
CVE-2005-2975: Fix endless loop with specially crafted number of colors.
Primarily from naddy@. General maintenance release but includes security
fixes for:
CVE-2005-3186: Add check to XPM reader to prevent integer overflow for
specially crafted number of colors.
CVE-2005-2975: Fix endless loop with specially crafted number of colors.
Also, minor port fix from me.
This is a security update addressing the following:
CAN-2004-0782: Heap-based overflow in pixbuf_create_from_xpm
CAN-2004-0783: Stack-based overflow in xpm_extract_color
CAN-2004-0788: ico loader integer overflow
Patches to -stable will be along in the next day or two.
wrong. These are generated files that should be updated automagically by
ports whenever GDK loaders or GTK immodules respectivly are added.
As such, these files shouldn't live under /etc but under /var/db... and
they should be generated on package install instead of through funky
sed magic in the Makefile.
So now they are. :)
Oh and regen the PLIST, since, we're hacking the crap out of it anyway.
deve/glib2 2.2.2 -> 2.2.3
devel/pango 1.2.3 -> 1.2.5
x11/gtk+2 2.2.2 -> 2.2.4
These are minor bugfix updates to the GTK 2.2 series but are starting
to be required by some GTK & Gnome apps.
breaking build or packaging otherwise
- the gtk+2 problem is of unknown nature for now
- hylafax and MyCC break due to systrace translating "" to the current
directory in 'test -d ""' and thus succeeding the test instead of failing;
this is a problem when testing if some variable holds an existing directory
name and that variable is empty
ok naddy@