Blender Git Commit Log

All Blender Git commits.

Page: 3508 / 8462

January 18, 2018, 02:46 (GMT)
Cleanup: label scene flags more clearly

Also correct typo in enum name
January 18, 2018, 01:36 (GMT)
Fix T53811: "bmesh.ops.split" crash
January 18, 2018, 00:33 (GMT)
WM: improved area resize snapping

Instead of 10px steps, snap to mid-point & adjacent edges.

Not yet implemented for split preview.
January 18, 2018, 00:01 (GMT)
Merge branch 'master' into blender2.8
January 17, 2018, 23:54 (GMT)
Fix buffer overflow vulnerability in curve, font, particles code.

Solves these security issues from T52924:
CVE-2017-12102
CVE-2017-12103
CVE-2017-12104

While the specific overflow issue may be fixed, loading the repro .blend
files may still crash because they are incomplete and corrupt. The way
they crash may be impossible to exploit, but this is difficult to prove.

Differential Revision: https://developer.blender.org/D3002
January 17, 2018, 23:54 (GMT)
Fix buffer overflow vulnerabilities in mesh code.

Solves these security issues from T52924:
CVE-2017-12081
CVE-2017-12082
CVE-2017-12086
CVE-2017-12099
CVE-2017-12100
CVE-2017-12101
CVE-2017-12105

While the specific overflow issue may be fixed, loading the repro .blend
files may still crash because they are incomplete and corrupt. The way
they crash may be impossible to exploit, but this is difficult to prove.

Differential Revision: https://developer.blender.org/D3002
January 17, 2018, 23:54 (GMT)
Fix Linux/GCC compiler warning in recent fixes.
January 17, 2018, 23:51 (GMT)
Loop Cut: Allow mouse placement w/ numeric input

D2973 by @cyaoeu
January 17, 2018, 23:39 (GMT)
Fix buffer overflow vulnerability in curve, font, particles code.

Solves these security issues from T52924:
CVE-2017-12102
CVE-2017-12103
CVE-2017-12104

While the specific overflow issue may be fixed, loading the repro .blend
files may still crash because they are incomplete and corrupt. The way
they crash may be impossible to exploit, but this is difficult to prove.

Differential Revision: https://developer.blender.org/D3002
January 17, 2018, 23:33 (GMT)
Fix buffer overflow vulnerabilities in mesh code.

Solves these security issues from T52924:
CVE-2017-12081
CVE-2017-12082
CVE-2017-12086
CVE-2017-12099
CVE-2017-12100
CVE-2017-12101
CVE-2017-12105

While the specific overflow issue may be fixed, loading the repro .blend
files may still crash because they are incomplete and corrupt. The way
they crash may be impossible to exploit, but this is difficult to prove.

Differential Revision: https://developer.blender.org/D3002
January 17, 2018, 23:29 (GMT)
Fix Linux/GCC compiler warning in recent fixes.
January 17, 2018, 19:40 (GMT)
Fix buffer overflow vulernability in thumbnail file reading.

Fixes CVE-2017-2908 from T52924.

Differential Revision: https://developer.blender.org/D3001
January 17, 2018, 19:40 (GMT)
Fix buffer overflows in TIFF, PNG, IRIS, DPX, HDR and AVI loading.

Solves these security issues from T52924:
CVE-2017-2899
CVE-2017-2900
CVE-2017-2901
CVE-2017-2902
CVE-2017-2903
CVE-2017-2904
CVE-2017-2905
CVE-2017-2906
CVE-2017-2907
CVE-2017-2918

Differential Revision: https://developer.blender.org/D2999
January 17, 2018, 19:40 (GMT)
Memory: add MEM_malloc_arrayN() function to protect against overflow.

Differential Revision: https://developer.blender.org/D3002
January 17, 2018, 19:39 (GMT)
Cleanup: SGI format, remove unused struct members
January 17, 2018, 19:39 (GMT)
Fix SGI foramt reader CVE-2017-2901

Integer Overflow Code Execution Vulnerability.

Reader no longer crashes on corrupt images (from own fuzz testing).
January 17, 2018, 19:39 (GMT)
Cleanup: SGI format, avoid overflow

Harmless but causes warnings
January 17, 2018, 19:39 (GMT)
Cleanup: SGI format, use uint/short/char types
January 17, 2018, 19:39 (GMT)
Fix writing Iris images w/ invalid header

Regression in e142ae77cadf
January 17, 2018, 19:25 (GMT)
Fix buffer overflow vulernability in thumbnail file reading.

Fixes CVE-2017-2908 from T52924.

Differential Revision: https://developer.blender.org/D3001
By: Miika HämäläinenLast update: Nov-07-2014 14:18MiikaHweb | 2003-2021