next
version/2020.3.13
version/2020.3.11
version/2020.3.7
version/2020.3.3
version/2019.1.2
version/2018.3.4
version/3.3.0
version/3.2.0
version/3.0.0-final
version/3.1.0
version/3.0.0
version/2.11.0
version/2.10.0
version/2.8.0-final
version/2.9.0
version/2.8.0
version/2.7.0
version/2.6.0
version/2.4.0-final
version/2.5.0
version/2.4.0
2.2.0-rc1
AFTER_OPENAL_DOPPLER_WORKAROUND
BEFORE_OPENAL_DOPPLER_WORKAROUND
PRE_0_7_2_REORG
PRE_OSG_PLIB_BPOINT
RELEASE_0_0_11
RELEASE_0_0_12
RELEASE_0_0_13
RELEASE_0_0_14
RELEASE_0_0_15
RELEASE_0_0_16
RELEASE_0_0_17
RELEASE_0_0_18
RELEASE_0_0_19pre1
RELEASE_0_0_19pre2
RELEASE_0_0_6
RELEASE_0_0_7
RELEASE_0_2_0
RELEASE_0_3_0
RELEASE_0_3_1
RELEASE_0_3_10
RELEASE_0_3_2
RELEASE_0_3_3
RELEASE_0_3_4
RELEASE_0_3_4_pre1
RELEASE_0_3_5
RELEASE_0_3_5_pre1
RELEASE_0_3_5_pre2
RELEASE_0_3_6
RELEASE_0_3_7
RELEASE_0_3_8
RELEASE_0_3_9
RELEASE_0_57
RELEASE_0_58
RELEASE_0_59
RELEASE_0_6_0
RELEASE_0_6_1
RELEASE_0_6_2
RELEASE_0_7_0
RELEASE_0_7_1
RELEASE_0_7_2
RELEASE_0_7_3
Release-1999_05_01
SIMGEAR_1_9_0
last-cvs
master-20100117
master-20100125
simgear-1.9.1
sm-lastmain
v2.0.0
v2.0.0-rc1
v2.0.0-rc2
v2.0.0-rc3
v2.0.0-rc4
version/2.10.0-final
version/2.12.0
version/2.6.0-final
version/2016.1.0
version/2016.1.1
version/2016.1.2
version/2016.2.0
version/2016.2.1
version/2016.3.0
version/2016.3.1
version/2016.4.0
version/2016.4.1
version/2016.4.3
version/2016.4.4
version/2017.1.0
version/2017.1.1
version/2017.1.2
version/2017.1.3
version/2017.2.0
version/2017.2.1
version/2017.3.0
version/2017.3.1
version/2017.4.0
version/2018.1.1
version/2018.2.0
version/2018.2.1
version/2018.3.0
version/2018.3.3
version/2018.3.5
version/2018.3.6
version/2020.1.2
version/2020.1.3
version/2020.3.1
version/2020.3.10
version/2020.3.12
version/2020.3.2
version/2020.3.4
version/2020.3.5
version/2020.3.6
version/2020.3.8
version/2020.3.9
version/3.4.0
version/3.4.0-final
version/3.5.0
version/3.6.0
version/3.7.0
${ noResults }
4 Commits (next)
Author | SHA1 | Message | Date |
---|---|---|---|
curt | e264c6ad2e |
Updates to remove unneeded and old version of zlib source.
|
19 years ago |
curt | 77e43a5fa8 |
- Added src-libs/boost.tar.gz and README.boost. This is in anticipation
of actually using them in the flightgear event manager. - Now that we have several add on libs we are bundling with simgear (but not automatically built as part of the simgear build) I have moved them to their own subdirectory (src-libs). |
23 years ago |
curt | f6ed02c3fb |
zlib-1.1.3 had a potential security flaw which is fixed by zlib-1.1.4:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Zlib Advisory 2002-03-11 zlib Compression Library Corrupts malloc Data Structures via Double Free Original release date: March 11, 2002 Last revised: March 11, 2002 Source: This advisory is based on a CERT advisory written by Jeffrey P. Lanza http://www.kb.cert.org/vuls/id/368819 Systems Affected * Any software that is linked against zlib 1.1.3 or earlier * Any data compression library derived from zlib 1.1.3 or earlier Overview There is a vulnerability in the zlib shared library that may introduce vulnerabilities into any program that includes zlib. This vulnerability has been assigned a CVE name of CAN-2002-0059 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0059 I. Description There is a vulnerability in the decompression algorithm used by the popular zlib compression library. If an attacker is able to pass a specially-crafted block of invalid compressed data to a program that includes zlib, the program's attempt to decompress the crafted data can cause the zlib routines to corrupt the internal data structures maintained by malloc. The vulnerability results from a programming error that causes segments of dynamically allocated memory to be released more than once (aka. "double-freed"). Specifically, when inftrees.c:huft_build() encounters the crafted data, it returns an unexpected Z_MEM_ERROR to inftrees.c:inflate_trees_dynamic(). When a subsequent call is made to infblock.c:inflate_blocks(), the inflate_blocks function tries to free an internal data structure a second time. Because this vulnerability interferes with the proper allocation and de-allocation of dynamic memory, it may be possible for an attacker to influence the operation of programs that include zlib. In most circumstances, this influence will be limited to denial of service or information leakage, but it is theoretically possible for an attacker to insert arbitrary code into a running program. This code would be executed with the permissions of the vulnerable program. II. Impact This vulnerability may introduce vulnerabilities into any program that includes the affected library. Depending upon how and where the zlib routines are called from the given program, the resulting vulnerability may have one or more of the following impacts: denial of service, information leakage, or execution of arbitrary code. III. Solution Upgrade your version of zlib The maintainers of zlib have released version 1.1.4 to address this vulnerability. Any software that is linked against or derived from an earlier version of zlib should be upgraded immediately. The latest version of zlib is available at http://www.zlib.org The md5 sums of the source archives are: abc405d0bdd3ee22782d7aa20e440f08 zlib-1.1.4.tar.gz ea16358be41384870acbdc372f9db152 zlib-1.1.4.tar.bz2 IV. Acknowledgments Thanks to Owen Taylor and Mark Cox of Redhat, Inc. for the reporting and research of this vulnerability. This document is available from http://www.gzip.org/zlib/advisory-2002-03-11.txt The public PGP key of zlib author Jean-loup Gailly is available from http://www.gzip.org/zlib/jloup.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8jSR02aJ9JQGWcacRAuDEAKCWdrRkWeJV9lYU5z8NN56s3m8eKACglR4m 42KDUGHuftBkwACTMCnZLEo= =3yLS -----END PGP SIGNATURE----- |
23 years ago |
curt | 5039c84fd0 |
Removed metakit and zlib from the configure/build process. The
developer will need to build and install these separately if they don't have packages already installed by their system. See README.metakit and README.zlib for more details. As a convenience, pristine tarballs of the metakit and zlib source code trees are included with the simgear distribution (and cvs.) |
23 years ago |