Accepting request 714780 from home:cbosdonnat:branches:devel:libraries:c_c++
- Update version to 3.6.1:
* Fix use-after-free vulnerability in sass_context.cpp:handle_error
bsc#1096894, CVE-2018-11499
* Disallow parent selector in selector_fns arguments
bsc#1118301, CVE-2018-19797
* Fix use-after-free vulnerability exists in the SharedPtr class
bsc#1118346, CVE-2018-19827
* Fix stack-overflow in Eval::operator()
bsc#1118348, CVE-2018-19837
* Fix stack-overflow at IMPLEMENT_AST_OPERATORS expansion
bsc#1118349, CVE-2018-19838
* Fix buffer-overflow (OOB read) against some invalid input
bsc#1118351, CVE-2018-19839
* Fix Null pointer dereference in Sass::Eval::operator()(Sass::Supports_Operator*)
bsc#1119789, CVE-2018-20190
* Fix heap-buffer-overflow in Sass::Prelexer::parenthese_scope(char const*)
bsc#1121943, CVE-2019-6283
* Fix heap-based buffer over-read exists in Sass:Prelexer:alternatives
bsc#1121944, CVE-2019-6284
* Fix heap-based buffer over-read exists in Sass:Prelexer:skip_over_scopes
bsc#1121945, CVE-2019-6286
* Fix uncontrolled recursion in Sass:Parser:parse_css_variable_value
bsc#1133200, CVE-2018-20821
* Fix stack-overflow at Sass::Inspect::operator()
bsc#1133201, CVE-2018-20822
OBS-URL: https://build.opensuse.org/request/show/714780
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libsass?expand=0&rev=22
This commit is contained in:
Cédric Bosdonnat
Git OBS Bridge
parent
7aa7bd917f
commit
599fa9d451
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:f19fd5ce1c4209b9f3e2f6764e1e6c40194bf2e854865341f3c94d0d95c0cdd1
|
|
||||||
size 327866
|
|
||||||
3
libsass-3.6.1.tar.gz
Normal file
3
libsass-3.6.1.tar.gz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:18d6e866ba2430cccae2551f384aca253a84592c692ce7146550f1d4f273b7d7
|
||||||
|
size 333609
|
||||||
@ -1,3 +1,33 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Jul 12 07:10:58 UTC 2019 - Cédric Bosdonnat <cbosdonnat@suse.com>
|
||||||
|
|
||||||
|
- Update version to 3.6.1:
|
||||||
|
|
||||||
|
* Fix use-after-free vulnerability in sass_context.cpp:handle_error
|
||||||
|
bsc#1096894, CVE-2018-11499
|
||||||
|
* Disallow parent selector in selector_fns arguments
|
||||||
|
bsc#1118301, CVE-2018-19797
|
||||||
|
* Fix use-after-free vulnerability exists in the SharedPtr class
|
||||||
|
bsc#1118346, CVE-2018-19827
|
||||||
|
* Fix stack-overflow in Eval::operator()
|
||||||
|
bsc#1118348, CVE-2018-19837
|
||||||
|
* Fix stack-overflow at IMPLEMENT_AST_OPERATORS expansion
|
||||||
|
bsc#1118349, CVE-2018-19838
|
||||||
|
* Fix buffer-overflow (OOB read) against some invalid input
|
||||||
|
bsc#1118351, CVE-2018-19839
|
||||||
|
* Fix Null pointer dereference in Sass::Eval::operator()(Sass::Supports_Operator*)
|
||||||
|
bsc#1119789, CVE-2018-20190
|
||||||
|
* Fix heap-buffer-overflow in Sass::Prelexer::parenthese_scope(char const*)
|
||||||
|
bsc#1121943, CVE-2019-6283
|
||||||
|
* Fix heap-based buffer over-read exists in Sass:Prelexer:alternatives
|
||||||
|
bsc#1121944, CVE-2019-6284
|
||||||
|
* Fix heap-based buffer over-read exists in Sass:Prelexer:skip_over_scopes
|
||||||
|
bsc#1121945, CVE-2019-6286
|
||||||
|
* Fix uncontrolled recursion in Sass:Parser:parse_css_variable_value
|
||||||
|
bsc#1133200, CVE-2018-20821
|
||||||
|
* Fix stack-overflow at Sass::Inspect::operator()
|
||||||
|
bsc#1133201, CVE-2018-20822
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Apr 23 18:57:47 UTC 2018 - gutaper@gmail.com
|
Mon Apr 23 18:57:47 UTC 2018 - gutaper@gmail.com
|
||||||
|
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package libsass
|
# spec file for package libsass
|
||||||
#
|
#
|
||||||
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
|
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -12,13 +12,13 @@
|
|||||||
# license that conforms to the Open Source Definition (Version 1.9)
|
# license that conforms to the Open Source Definition (Version 1.9)
|
||||||
# published by the Open Source Initiative.
|
# published by the Open Source Initiative.
|
||||||
|
|
||||||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||||
#
|
#
|
||||||
|
|
||||||
|
|
||||||
%define libname libsass-3_5_3-1
|
%define libname libsass-3_6_1-1
|
||||||
Name: libsass
|
Name: libsass
|
||||||
Version: 3.5.3
|
Version: 3.6.1
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: Compiler library for A CSS preprocessor language
|
Summary: Compiler library for A CSS preprocessor language
|
||||||
License: MIT
|
License: MIT
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user