[Bf-committers] [Patch]Solving security issues CVE-2008-1103 (partialy) and CVE-2008-4083
Jochen Schmitt
Jochen at herr-schmitt.de
Wed Jan 20 20:00:52 CET 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Am 20.01.2010 18:09, schrieb Martin Poirier:
> Hi,
>
> Thanks for the patches, but no more changes are going into 2.49 at
> this point (no more releases of the version are planned).
>
> If the issues are also present in the 2.5 line (now trunk), you are
> invited to submit patches against that.
>
> The quit.blend file in .blender would good for sure, IMHO.
The second patch was a solution von CVE-2008-4863. Detailed
information you may find at
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4863
Unfortunately, there was a lot of work on the file on which this
patch will be applied. So it may be nice, if you can doublecheck
this patch.
Best Regards:
Jochen Schmitt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iJwEAQECAAYFAktXUtYACgkQZLAIBz9lVu/f3QP+I2yDa9R1TrMK/bIje5S8IE2W
LTZGb1tKMmVLjtMA5Z/O+hD40nkuIf+8hOK/LP/+bui0GkR+DSr+WmepJyjlqT7j
Efewvp21tzfOLdsPH6hEl3w1LiJz08Ye7QlTvpjSPHR15G2WwaXh81YFAbSUPb6O
7RiQtiB/S+5cbOWgDIo=
=Vsn3
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: blender-CVE-2008-4863.patch
Type: text/x-patch
Size: 690 bytes
Desc: not available
Url : http://lists.blender.org/pipermail/bf-committers/attachments/20100120/e641385e/attachment.bin
More information about the Bf-committers
mailing list