Blender Git Commits

Display:

Blender Git commits from all branches.

Page: 1606 / 2888

Revision 5b25605 by Brecht Van Lommel

January 17, 2018, 23:39 (GMT)

Fix buffer overflow vulnerability in curve, font, particles code.

Solves these security issues from T52924:
CVE-2017-12102
CVE-2017-12103
CVE-2017-12104

While the specific overflow issue may be fixed, loading the repro .blend
files may still crash because they are incomplete and corrupt. The way
they crash may be impossible to exploit, but this is difficult to prove.

Differential Revision: https://developer.blender.org/D3002

Revision fdb6522 by Brecht Van Lommel

January 17, 2018, 23:33 (GMT)

Fix buffer overflow vulnerabilities in mesh code.

Solves these security issues from T52924:
CVE-2017-12081
CVE-2017-12082
CVE-2017-12086
CVE-2017-12099
CVE-2017-12100
CVE-2017-12101
CVE-2017-12105

While the specific overflow issue may be fixed, loading the repro .blend
files may still crash because they are incomplete and corrupt. The way
they crash may be impossible to exploit, but this is difficult to prove.

Differential Revision: https://developer.blender.org/D3002

Revision 768cfd2 by Brecht Van Lommel

January 17, 2018, 23:29 (GMT)

Fix Linux/GCC compiler warning in recent fixes.

Revision 3ff9aab by Brecht Van Lommel

January 17, 2018, 19:40 (GMT)

Fix buffer overflow vulernability in thumbnail file reading.

Fixes CVE-2017-2908 from T52924.

Differential Revision: https://developer.blender.org/D3001

Revision 0dfcf7b by Brecht Van Lommel

January 17, 2018, 19:40 (GMT)

Fix buffer overflows in TIFF, PNG, IRIS, DPX, HDR and AVI loading.

Solves these security issues from T52924:
CVE-2017-2899
CVE-2017-2900
CVE-2017-2901
CVE-2017-2902
CVE-2017-2903
CVE-2017-2904
CVE-2017-2905
CVE-2017-2906
CVE-2017-2907
CVE-2017-2918

Differential Revision: https://developer.blender.org/D2999

Revision d5a2921 by Brecht Van Lommel

January 17, 2018, 19:40 (GMT)

Memory: add MEM_malloc_arrayN() function to protect against overflow.

Differential Revision: https://developer.blender.org/D3002

Revision a32fd14 by Campbell Barton / Brecht Van Lommel

January 17, 2018, 19:39 (GMT)

Cleanup: SGI format, remove unused struct members

Revision 6a83222 by Campbell Barton / Brecht Van Lommel

January 17, 2018, 19:39 (GMT)

Fix SGI foramt reader CVE-2017-2901

Integer Overflow Code Execution Vulnerability.

Reader no longer crashes on corrupt images (from own fuzz testing).

Revision 21e8f48 by Campbell Barton / Brecht Van Lommel

January 17, 2018, 19:39 (GMT)

Cleanup: SGI format, avoid overflow

Harmless but causes warnings

Revision 5ae386a by Campbell Barton / Brecht Van Lommel

January 17, 2018, 19:39 (GMT)

Cleanup: SGI format, use uint/short/char types

Revision 31f67f7 by Campbell Barton / Brecht Van Lommel

January 17, 2018, 19:39 (GMT)

Fix writing Iris images w/ invalid header

Regression in e142ae77cadf

Revision a165278 by Campbell Barton (temp-openjpeg23)

January 17, 2018, 15:42 (GMT)

Correct readme and note.

Revision cf71a4d by Campbell Barton (temp-openjpeg23)

January 17, 2018, 15:42 (GMT)

Merge branch 'master' into temp-openjpeg23

Revision c4a2515 by Antonio Vazquez (experimental_gp_weight, greasepencil-experimental, greasepencil-object, greasepencil-refactor, soc-2019-npr, temp-gpencil-eval, temp-greasepencil-object-stacksplit, temp-greasepencil-vfx)

January 17, 2018, 15:09 (GMT)

Merge branch 'blender2.8' into greasepencil-object

Revision dff3ea0 by Antonio Vazquez (experimental_gp_weight, greasepencil-experimental, greasepencil-object, greasepencil-refactor, soc-2019-npr, temp-gpencil-eval, temp-greasepencil-object-stacksplit, temp-greasepencil-vfx)

January 17, 2018, 13:14 (GMT)

Change default smooth parameters for brushes

Revision 5ddcad4 by Campbell Barton (blender-v2.79a-release, blender-v2.79b-release, fracture_modifier, fracture_modifier-master, temp-fracture-modifier-2.8)

January 17, 2018, 03:01 (GMT)

Fix T53810: Crash removing a scene used in render

Header drawing accesses the scene too.

Revision 8fd65dc by Martin Felke (fracture_modifier, fracture_modifier-master, temp-fracture-modifier-2.8)

January 16, 2018, 23:12 (GMT)

corrected some more special constraint breaking activation behavior (was activating too much)

Revision cd3c95a by Antonio Vazquez (experimental_gp_weight, greasepencil-experimental, greasepencil-object, greasepencil-refactor, soc-2019-npr, temp-gpencil-eval, temp-greasepencil-object-stacksplit, temp-greasepencil-vfx)

January 16, 2018, 16:20 (GMT)

Merge branch 'blender2.8' into greasepencil-object

Revision f72e6fc by Bastien Montagne (blender-v2.79a-release, blender-v2.79b-release, fracture_modifier, fracture_modifier-master, temp-fracture-modifier-2.8)

January 16, 2018, 16:19 (GMT)

Revert "Fix T53752: Draw curve fails w/ stylus"

This reverts commit d0e0f33f57b02fecf75c08f3c144d07915367781.

Requested by author, since it raised new issues, better not have it in
bugfix release!

Revision 0ff7c03 by Antonio Vazquez (experimental_gp_weight, greasepencil-experimental, greasepencil-object, greasepencil-refactor, soc-2019-npr, temp-gpencil-eval, temp-greasepencil-object-stacksplit, temp-greasepencil-vfx)

January 15, 2018, 18:21 (GMT)

Merge branch 'blender2.8' into greasepencil-object

« Previous Page

Blender Git Commits

Navigation

Stats

RSS Feeds