System V shared memory segments created with shmget() are assigned an
owner, a group and a set of permissions intended to limit access to
the segment to designated processes only. The owner of a shared
memory segment can change the ownership and permissions on a segment
after its creation using shmctl(). Any subsequent processes that wish
to attach to the segment can only do so if they have the appropriate
permissions. Once attached, the process can read or write to the
segment, as per the permissions that were set when the segment was
created.

smaSHeM takes advantage of applications that set weak permissions on
such segments, allowing an attacker to dump or patch their contents.

As discussed in the presentation at 44CON 2013 entitled 'I Miss LSD',
in the case of many X11 applications it is possible to extract pixmaps
of previously rendered GUI artifacts. When compiled with QtCore
linking enabled, smaSHeM aids in that process by brute forcing
potentially valid dimensions for the raw pixmap dump.
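
Added example, not smaSHeM's code and not part of the original description: the defensive counterpart of the paragraphs above, in C. It creates a segment with the weak mode 0666, reads the mode back with shmctl(IPC_STAT), and tightens it to owner-only with shmctl(IPC_SET). The function names and the constructed 4096-byte segment are assumptions made for illustration.

```c
#include <stdio.h>
#include <sys/ipc.h>
#include <sys/shm.h>
#include <sys/stat.h>

/* Bits that let processes other than the owner attach to a segment:
 * group/other read (read-only attach) and write (read-write attach). */
#define SHM_WEAK_BITS (S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH)

/* Returns the group/other access bits in a mode; 0 means owner-only. */
unsigned weak_bits(unsigned mode) { return mode & SHM_WEAK_BITS; }

/* Reads a segment's current permission bits; -1 on error. */
int segment_mode(int shmid) {
    struct shmid_ds ds;
    if (shmctl(shmid, IPC_STAT, &ds) == -1) return -1;
    return ds.shm_perm.mode & 0777;
}

/* As owner, replaces the permission bits; uid and gid are left as they were. */
int set_segment_mode(int shmid, unsigned mode) {
    struct shmid_ds ds;
    if (shmctl(shmid, IPC_STAT, &ds) == -1) return -1;
    ds.shm_perm.mode = mode & 0777;
    return shmctl(shmid, IPC_SET, &ds);
}

/* Hypothetical demo: create a constructed segment with mode 0666 (the
 * umask is not applied to System V IPC), tighten it to 0600, and return
 * the weak bits that remain (0 when hardened), or -1 on error.
 * The segment is always removed before returning. */
int harden_demo(void) {
    int id = shmget(IPC_PRIVATE, 4096, IPC_CREAT | 0666);
    if (id == -1) return -1;
    int rc = -1;
    int before = segment_mode(id);
    if (before >= 0 && weak_bits((unsigned)before) != 0 &&
        set_segment_mode(id, 0600) == 0) {
        int after = segment_mode(id);
        if (after >= 0) rc = (int)weak_bits((unsigned)after);
    }
    shmctl(id, IPC_RMID, NULL);
    return rc;
}

int main(void) {
    printf("mode 0666 exposes bits %03o\n", weak_bits(0666));
    printf("weak bits after hardening: %d\n", harden_demo());
    return 0;
}
```

Passing an owner-only mode such as 0600 to shmget() in the first place avoids the window in which the segment is attachable by other users.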
Version 1.6.7beta01 [September 30, 2013]
Revised unknown chunk code to correct several bugs in the NO_SAVE_/NO_WRITE
combination
Allow HANDLE_AS_UNKNOWN to work when other options are configured off. Also
fixed the pngminim makefiles to work when $(MAKEFLAGS) contains stuff
which terminates the make options (as by default in recent versions of
Gentoo).
Avoid up-cast warnings in pngvalid.c. On ARM the alignment requirements of
png_modifier are greater than that of png_store and as a consequence
compilation of pngvalid.c results in a warning about increased alignment
requirements because of the bare cast to (png_modifier*). The code is safe,
because the pointer is known to point to a stack allocated png_modifier,
but this change avoids the warning.
Fixed default behavior of ARM_NEON_API. If the ARM NEON API option was
compiled without the CHECK option it defaulted to on, not off.
Check user callback behavior in pngunknown.c. Previous versions compiled
if SAVE_UNKNOWN was not available but did nothing since the callback
was never implemented.
Merged pngunknown.c with 1.7 version and back ported 1.7 improvements/fixes
Version 1.6.7beta02 [October 12, 2013]
Made changes for compatibility with automake 1.14:
1) Added the 'compile' program to the list of programs that must be cleaned
in autogen.sh
2) Added 'subdir-objects' which causes .c files in sub-directories to be
compiled such that the corresponding .o files are also in the
sub-directory. This is because automake 1.14 warns that the
current behavior of compiling to the top level directory may be removed
in the future.
3) Updated dependencies on pnglibconf.h to match the new .o locations and
added all the files in contrib/libtests and contrib/tools that depend
on pnglibconf.h
4) Added 'BUILD_SOURCES = pnglibconf.h'; this is the automake recommended
way of handling the dependencies of sources that are machine generated;
unfortunately it only works if the user does 'make all' or 'make check',
so the dependencies (3) are still required.
Cleaned up (char*) casts of zlib messages. The latest version of the Intel C
compiler complains about casting a string literal as (char*), so copied the
treatment of z_const from the library code into pngfix.c
Simplified error message code in pngunknown. The simplification has the
useful side effect of avoiding a bogus warning generated by the latest
version of the Intel C compiler (it objects to
condition ? string-literal : string-literal).
Make autogen.sh work with automake 1.13 as well as 1.14. Do this by always
removing the 1.14 'compile' script but never checking for it.
Version 1.6.7beta03 [October 19, 2013]
Added ARMv8 support (James Yu <james.yu at linaro.org>). Added file
arm/filter_neon_intrinsics.c; enable with -mfpu=neon.
Revised pngvalid to generate size images with as many filters as it can
manage, limited by the number of rows.
Cleaned up ARM NEON compilation handling. The tests are now in pngpriv.h
and detect the broken GCC compilers.
Version 1.6.7beta04 [October 26, 2013]
Allow clang derived from older GCC versions to use ARM intrinsics. This
causes all clang builds that use -mfpu=neon to use the intrinsics code,
not the assembler code. This has only been tested on iOS 7. It may be
necessary to exclude some earlier clang versions but this seems unlikely.
Changed NEON implementation selection mechanism. This allows assembler
or intrinsics to be turned on at compile time during the build by defining
PNG_ARM_NEON_IMPLEMENTATION to the correct value (2 or 1). This macro
is undefined by default and the build type is selected in pngpriv.h.
Version 1.6.7rc01 [November 2, 2013]
No changes.
Version 1.6.7rc02 [November 7, 2013]
Fixed #include in filter_neon_intrinsics.c and ctype macros. The ctype char
checking macros take an unsigned char argument, not a signed char.
Version 1.6.7 [November 14, 2013]
Ipopt (Interior Point OPTimizer, pronounced eye-pea-Opt)
is a software package for large-scale nonlinear optimization.
It is designed to find (local) solutions of mathematical
optimization problems of the form
    min_{x in R^n}  f(x)
    s.t.            g_L <= g(x) <= g_U
                    x_L <=  x   <= x_U
where f(x): R^n --> R is the objective function,
and g(x): R^n --> R^m are the constraint functions.
The vectors g_L and g_U denote the lower and upper bounds on the
constraints, and the vectors x_L and x_U are the bounds on the
variables x. The functions f(x) and g(x) can be nonlinear and
nonconvex, but should be twice continuously differentiable.
Note that equality constraints can be formulated in the above
formulation by setting the corresponding components of g_L and
g_U to the same value.
Ipopt is part of the COIN-OR Initiative.
Changelog:
Fixed in Firefox ESR 17.0.10
MFSA 2013-101 Memory corruption in workers
MFSA 2013-100 Miscellaneous use-after-free issues found through ASAN fuzzing
MFSA 2013-98 Use-after-free when updating offline cache
MFSA 2013-96 Improperly initialized memory and overflows in some JavaScript functions
MFSA 2013-95 Access violation with XSLT and uninitialized data
MFSA 2013-93 Miscellaneous memory safety hazards (rv:25.0 / rv:24.1 / rv:17.0.10)
Fix interpretation of dateTime.iso8601 variant with timezone information. As broken, it would add up to a second to the correct datetime or reject the message claiming that it has invalid syntax. Always broken (recognition of the timezone variant was introduced in Xmlrpc-c 1.20).
* MSVC: Add /FS flag for cl >= 18 to allow parallel compilation
* Genex: Reject $<TARGET_FILE:...> for object libraries
* Check for OBJECT_LIBRARY source files at start of generation
* CMP0022: Plain target_link_libraries must populate link interface
* Do not export INTERFACE_LINK_LIBRARIES from non-linkable targets
* CMP0022: Warn about a given target at most once
* Fix summary documentation of INTERFACE_LINK_LIBRARIES
* file(GENERATE): Clear internal records between configures
* cmake: Validate -E cmake_automoc argument count
* Fix spelling in INTERFACE_LINK_LIBRARIES documentation
* CMP0022: Output link interface mismatch for static library warning
* Don't add invalid content to static lib INTERFACE_LINK_LIBRARIES.
* CMP0022: Add unit test for null pointer check and message.
* CMP0022: Add test for target_link_libraries plain signature
* Automoc: Add directory-level COMPILE_DEFINITIONS to command line
* FindCUDA: Fix NPP library search for CUDA 5.5
* Fix a delay when showing the next card on some computers.
* Make sure suspended & buried cards are reset when exporting
without scheduling information.
Changes between 1.1.1 and 1.1.2:
--------------------------------
* Various bugfixes for ATSC PSI tables
* dvbpsi_packet_push() bugfix
* Various bugfixes for dvbinfo
* Ignore invalid program pids (pid=0) inside PAT table (closes vlc ticket #9695)