From owner-cvs-all@FreeBSD.ORG  Wed Jul  7 10:56:09 2004
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 35BD616A4CE; Wed,  7 Jul 2004 10:56:09 +0000 (GMT)
Received: from fillmore.dyndns.org (port-212-202-50-15.dynamic.qsc.de
	[212.202.50.15])	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 9560643D66; Wed,  7 Jul 2004 10:56:08 +0000 (GMT)
	(envelope-from eikemeier@fillmore-labs.com)
Received: from dhcp-7.local ([172.16.0.7] helo=dhcp-14.local)
	by fillmore.dyndns.org with esmtp (TLSv1:DES-CBC3-SHA:168)
	(Exim 4.34 (FreeBSD))
	id 1BiA5s-0007CG-58; Wed, 07 Jul 2004 12:56:07 +0200
Date: Wed, 7 Jul 2004 12:56:38 +0200
Content-Type: text/plain; charset=US-ASCII; format=flowed
Mime-Version: 1.0 (Apple Message framework v482)
To: Andrey A.Chernov <ache@FreeBSD.org>
From: Oliver Eikemeier <eikemeier@fillmore-labs.com>
In-Reply-To: <200407071033.i67AXSiM061232@repoman.freebsd.org>
Message-Id: <527B0188-D004-11D8-8006-00039312D914@fillmore-labs.com>
Content-Transfer-Encoding: 7bit
User-Agent: KMail/1.5.9
cc: Tom Rhodes <trhodes@FreeBSD.org>
cc: cvs-ports@FreeBSD.org
cc: cvs-all@FreeBSD.org
cc: ports-committers@FreeBSD.org
Subject: Re: cvs commit: ports/graphics/png Makefile
	ports/graphics/png/files patch-pngrtran.c
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Jul 2004 10:56:09 -0000

Andrey A. Chernov wrote:

> ache        2004-07-07 10:33:28 UTC
>
>   FreeBSD ports repository
>
>   Modified files:
>     graphics/png         Makefile
>   Added files:
>     graphics/png/files   patch-pngrtran.c
>   Log:
>   In 16-bit samples case the starting offsets for the loops are 
> calculated
>   incorrectly which may cause a buffer overrun beyond the beginning of
>   the row buffer.
>
>   Submitted by:   Robert Nagy <robert@openbsd.org>

AFAICS this fixes CAN-2002-1363:
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1363>

Would you mind adding an entry to the vulnerability database for that?

Refer to
   <http://people.freebsd.org/~eik/texts/portaudit_entries.txt>
for some pointers.

Thanks
-Oliver