[ubuntu/hardy-security] libpng 1.2.15~beta5-3ubuntu0.5 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Thu Feb 16 18:36:45 UTC 2012
- Previous message: [ubuntu/hardy-security] devscripts_2.10.11ubuntu5.8.04.5_amd64_translations.tar.gz, devscripts_2.10.11ubuntu5.8.04.5_hppa_translations.tar.gz, devscripts_2.10.11ubuntu5.8.04.5_sparc_translations.tar.gz, devscripts_2.10.11ubuntu5.8.04.5_lpia_translations.tar.gz, devscripts_2.10.11ubuntu5.8.04.5_i386_translations.tar.gz, devscripts_2.10.11ubuntu5.8.04.5_ia64_translations.tar.gz, devscripts, devscripts_2.10.11ubuntu5.8.04.5_powerpc_translations.tar.gz 2.10.11ubuntu5.8.04.5 (Accepted)
- Next message: [ubuntu/hardy-security] update-manager_0.87.33_sparc_translations.tar.gz, update-manager, update-manager_0.87.33_amd64_translations.tar.gz, update-manager_0.87.33_ia64_translations.tar.gz, update-manager_0.87.33_lpia_translations.tar.gz, dist-upgrader_0.87.33_all.tar.gz, update-manager_0.87.33_i386_translations.tar.gz, update-manager_0.87.33_hppa_translations.tar.gz, update-manager_0.87.33_powerpc_translations.tar.gz 1:0.87.33 (Accepted)
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
libpng (1.2.15~beta5-3ubuntu0.5) hardy-security; urgency=low
* SECURITY UPDATE: fix integer overflow / truncation
- adjust pngrutil.c to verify size when allocating memory in
png_decompress_chunk()
- http://src.chromium.org/viewvc/chrome/branches/963/src/third_party/libpng/pngrutil.c?view=patch&r1=121492&r2=121491&pathrev=121492
- CVE-2011-3026
* SECURITY UPDATE: Reject attempt to write iCCP chunk with negative embedded
profile length
- adjust pngwutil.c to verify that embedded_profile_len is not negative in
png_write_iCCP()
- http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=9e88fcd58c8ce7f2183bc2045e5180cba0043f09#patch19
- CVE-2009-5063
Date: Wed, 15 Feb 2012 21:23:54 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/libpng/1.2.15~beta5-3ubuntu0.5
-------------- next part --------------
Format: 1.7
Date: Wed, 15 Feb 2012 21:23:54 -0600
Source: libpng
Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb
Architecture: source
Version: 1.2.15~beta5-3ubuntu0.5
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description:
libpng12-0 - PNG library - runtime
libpng12-0-udeb - PNG library - minimal runtime library
libpng12-dev - PNG library - development
libpng3 - PNG library - runtime
Changes:
libpng (1.2.15~beta5-3ubuntu0.5) hardy-security; urgency=low
.
* SECURITY UPDATE: fix integer overflow / truncation
- adjust pngrutil.c to verify size when allocating memory in
png_decompress_chunk()
- http://src.chromium.org/viewvc/chrome/branches/963/src/third_party/libpng/pngrutil.c?view=patch&r1=121492&r2=121491&pathrev=121492
- CVE-2011-3026
* SECURITY UPDATE: Reject attempt to write iCCP chunk with negative embedded
profile length
- adjust pngwutil.c to verify that embedded_profile_len is not negative in
png_write_iCCP()
- http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=9e88fcd58c8ce7f2183bc2045e5180cba0043f09#patch19
- CVE-2009-5063
Files:
5710b932cb33f1d62b380f3a276bcb88 1467 libs optional libpng_1.2.15~beta5-3ubuntu0.5.dsc
44d59f4285b5b53507e9f34b27c9c36a 23784 libs optional libpng_1.2.15~beta5-3ubuntu0.5.diff.gz
Original-Maintainer: Anibal Monsalve Salazar <anibal at debian.org>
- Previous message: [ubuntu/hardy-security] devscripts_2.10.11ubuntu5.8.04.5_amd64_translations.tar.gz, devscripts_2.10.11ubuntu5.8.04.5_hppa_translations.tar.gz, devscripts_2.10.11ubuntu5.8.04.5_sparc_translations.tar.gz, devscripts_2.10.11ubuntu5.8.04.5_lpia_translations.tar.gz, devscripts_2.10.11ubuntu5.8.04.5_i386_translations.tar.gz, devscripts_2.10.11ubuntu5.8.04.5_ia64_translations.tar.gz, devscripts, devscripts_2.10.11ubuntu5.8.04.5_powerpc_translations.tar.gz 2.10.11ubuntu5.8.04.5 (Accepted)
- Next message: [ubuntu/hardy-security] update-manager_0.87.33_sparc_translations.tar.gz, update-manager, update-manager_0.87.33_amd64_translations.tar.gz, update-manager_0.87.33_ia64_translations.tar.gz, update-manager_0.87.33_lpia_translations.tar.gz, dist-upgrader_0.87.33_all.tar.gz, update-manager_0.87.33_i386_translations.tar.gz, update-manager_0.87.33_hppa_translations.tar.gz, update-manager_0.87.33_powerpc_translations.tar.gz 1:0.87.33 (Accepted)
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the Hardy-changes
mailing list