Accepting request 714780 from home:cbosdonnat:branches:devel:libraries:c_c++
- Update version to 3.6.1: * Fix use-after-free vulnerability in sass_context.cpp:handle_error bsc#1096894, CVE-2018-11499 * Disallow parent selector in selector_fns arguments bsc#1118301, CVE-2018-19797 * Fix use-after-free vulnerability exists in the SharedPtr class bsc#1118346, CVE-2018-19827 * Fix stack-overflow in Eval::operator() bsc#1118348, CVE-2018-19837 * Fix stack-overflow at IMPLEMENT_AST_OPERATORS expansion bsc#1118349, CVE-2018-19838 * Fix buffer-overflow (OOB read) against some invalid input bsc#1118351, CVE-2018-19839 * Fix Null pointer dereference in Sass::Eval::operator()(Sass::Supports_Operator*) bsc#1119789, CVE-2018-20190 * Fix heap-buffer-overflow in Sass::Prelexer::parenthese_scope(char const*) bsc#1121943, CVE-2019-6283 * Fix heap-based buffer over-read exists in Sass:Prelexer:alternatives bsc#1121944, CVE-2019-6284 * Fix heap-based buffer over-read exists in Sass:Prelexer:skip_over_scopes bsc#1121945, CVE-2019-6286 * Fix uncontrolled recursion in Sass:Parser:parse_css_variable_value bsc#1133200, CVE-2018-20821 * Fix stack-overflow at Sass::Inspect::operator() bsc#1133201, CVE-2018-20822 OBS-URL: https://build.opensuse.org/request/show/714780 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libsass?expand=0&rev=22
This commit is contained in:
parent
7aa7bd917f
commit
599fa9d451
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:f19fd5ce1c4209b9f3e2f6764e1e6c40194bf2e854865341f3c94d0d95c0cdd1
|
||||
size 327866
|
3
libsass-3.6.1.tar.gz
Normal file
3
libsass-3.6.1.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:18d6e866ba2430cccae2551f384aca253a84592c692ce7146550f1d4f273b7d7
|
||||
size 333609
|
@ -1,3 +1,33 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jul 12 07:10:58 UTC 2019 - Cédric Bosdonnat <cbosdonnat@suse.com>
|
||||
|
||||
- Update version to 3.6.1:
|
||||
|
||||
* Fix use-after-free vulnerability in sass_context.cpp:handle_error
|
||||
bsc#1096894, CVE-2018-11499
|
||||
* Disallow parent selector in selector_fns arguments
|
||||
bsc#1118301, CVE-2018-19797
|
||||
* Fix use-after-free vulnerability exists in the SharedPtr class
|
||||
bsc#1118346, CVE-2018-19827
|
||||
* Fix stack-overflow in Eval::operator()
|
||||
bsc#1118348, CVE-2018-19837
|
||||
* Fix stack-overflow at IMPLEMENT_AST_OPERATORS expansion
|
||||
bsc#1118349, CVE-2018-19838
|
||||
* Fix buffer-overflow (OOB read) against some invalid input
|
||||
bsc#1118351, CVE-2018-19839
|
||||
* Fix Null pointer dereference in Sass::Eval::operator()(Sass::Supports_Operator*)
|
||||
bsc#1119789, CVE-2018-20190
|
||||
* Fix heap-buffer-overflow in Sass::Prelexer::parenthese_scope(char const*)
|
||||
bsc#1121943, CVE-2019-6283
|
||||
* Fix heap-based buffer over-read exists in Sass:Prelexer:alternatives
|
||||
bsc#1121944, CVE-2019-6284
|
||||
* Fix heap-based buffer over-read exists in Sass:Prelexer:skip_over_scopes
|
||||
bsc#1121945, CVE-2019-6286
|
||||
* Fix uncontrolled recursion in Sass:Parser:parse_css_variable_value
|
||||
bsc#1133200, CVE-2018-20821
|
||||
* Fix stack-overflow at Sass::Inspect::operator()
|
||||
bsc#1133201, CVE-2018-20822
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Apr 23 18:57:47 UTC 2018 - gutaper@gmail.com
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package libsass
|
||||
#
|
||||
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -12,13 +12,13 @@
|
||||
# license that conforms to the Open Source Definition (Version 1.9)
|
||||
# published by the Open Source Initiative.
|
||||
|
||||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
|
||||
%define libname libsass-3_5_3-1
|
||||
%define libname libsass-3_6_1-1
|
||||
Name: libsass
|
||||
Version: 3.5.3
|
||||
Version: 3.6.1
|
||||
Release: 0
|
||||
Summary: Compiler library for A CSS preprocessor language
|
||||
License: MIT
|
||||
|
Loading…
Reference in New Issue
Block a user