[ubuntu/jaunty] libpng 1.2.27-2ubuntu2 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Fri Mar 6 02:00:15 GMT 2009 

libpng (1.2.27-2ubuntu2) jaunty; urgency=low

  * SECURITY UPDATE: denial of service and possible execution of arbitrary
    code via crafted image (LP: #338027)
    - debian/patches/02-CVE-2009-0040.diff: initialize pointers in pngread.c,
      pngrtans.c, pngset.c and example.c
    - CVE-2009-0040
  * SECURITY UPDATE: denial of service via incorrect memory assignment
    (LP: #324258)
    - debian/patches/02-CVE-2008-5907.diff: update pngwutil.c to properly set
      new_key to NULL string
    - CVE-2008-5907

Date: Thu, 05 Mar 2009 14:15:45 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/libpng/1.2.27-2ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 05 Mar 2009 14:15:45 -0600
Source: libpng
Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb
Architecture: source
Version: 1.2.27-2ubuntu2
Distribution: jaunty
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 libpng12-0 - PNG library - runtime
 libpng12-0-udeb - PNG library - minimal runtime library (udeb)
 libpng12-dev - PNG library - development
 libpng3    - PNG library - runtime
Launchpad-Bugs-Fixed: 324258 338027
Changes: 
 libpng (1.2.27-2ubuntu2) jaunty; urgency=low
 .
   * SECURITY UPDATE: denial of service and possible execution of arbitrary
     code via crafted image (LP: #338027)
     - debian/patches/02-CVE-2009-0040.diff: initialize pointers in pngread.c,
       pngrtans.c, pngset.c and example.c
     - CVE-2009-0040
   * SECURITY UPDATE: denial of service via incorrect memory assignment
     (LP: #324258)
     - debian/patches/02-CVE-2008-5907.diff: update pngwutil.c to properly set
       new_key to NULL string
     - CVE-2008-5907
Checksums-Sha1: 
 f3ac6bdf485d5f285635919e1021c8cbc01f794d 1287 libpng_1.2.27-2ubuntu2.dsc
 89d9f95bb348559ad1e1e60d226c50b5adf19d31 171401 libpng_1.2.27-2ubuntu2.diff.gz
Checksums-Sha256: 
 84ba41cc38ba8627119078329ef2d40749de97fd16dd4bbe077de4cf2bcf7827 1287 libpng_1.2.27-2ubuntu2.dsc
 5dc648b8e127052ab593e816a68e49fc73f3e613b1ded0c794bce120ae054292 171401 libpng_1.2.27-2ubuntu2.diff.gz
Files: 
 4e54b7c4c7ddd627dd817d8b9a851a0b 1287 libs optional libpng_1.2.27-2ubuntu2.dsc
 d12e82e398cb095d630efa0ab8178030 171401 libs optional libpng_1.2.27-2ubuntu2.diff.gz
Original-Maintainer: Anibal Monsalve Salazar <anibal at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkmwgr0ACgkQW0JvuRdL8BrNgACfe6XgTyx6RTD9FUcSVnPzmIoD
mU8Ani1mf/ZdLKhm+beDQeG9xPxG/7cP
=+sKX
-----END PGP SIGNATURE-----

More information about the Jaunty-changes mailing list