[ubuntu/jaunty] lcms 1.17.dfsg-1ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Fri Mar 27 14:35:12 GMT 2009 

lcms (1.17.dfsg-1ubuntu2) jaunty; urgency=low

  * SECURITY UPDATE: Denial of service via large memory leak
    - debian/patches/11_security_CVE-2009-0581_0723_0733.dpatch: properly
      free memory in src/cmsio1.c.
    - CVE-2009-0581
  * SECURITY UPDATE: Arbitrary code execution due to integer overflows
    - debian/patches/11_security_CVE-2009-0581_0723_0733.dpatch: add new
      calloc function in include/lcms.h and fix overflows in src/cmsgamma.c,
      src/cmsio0.c, src/cmsio1.c and src/cmslut.c.
    - CVE-2009-0723
  * SECURITY UPDATE: Arbitrary code execution due to buffer overflow
    - debian/patches/11_security_CVE-2009-0581_0723_0733.dpatch: add
      _cmsValidateLUT() and use in src/cmsio1.c and src/cmslut.c.
    - CVE-2009-0733

Date: Fri, 20 Mar 2009 15:04:07 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/lcms/1.17.dfsg-1ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 20 Mar 2009 15:04:07 -0400
Source: lcms
Binary: liblcms1 liblcms-utils liblcms1-dev python-liblcms
Architecture: source
Version: 1.17.dfsg-1ubuntu2
Distribution: jaunty
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 liblcms-utils - Color management library (Additional utilities)
 liblcms1   - Color management library
 liblcms1-dev - Color management library (Development headers)
 python-liblcms - Python bindings for liblcms color management library
Changes: 
 lcms (1.17.dfsg-1ubuntu2) jaunty; urgency=low
 .
   * SECURITY UPDATE: Denial of service via large memory leak
     - debian/patches/11_security_CVE-2009-0581_0723_0733.dpatch: properly
       free memory in src/cmsio1.c.
     - CVE-2009-0581
   * SECURITY UPDATE: Arbitrary code execution due to integer overflows
     - debian/patches/11_security_CVE-2009-0581_0723_0733.dpatch: add new
       calloc function in include/lcms.h and fix overflows in src/cmsgamma.c,
       src/cmsio0.c, src/cmsio1.c and src/cmslut.c.
     - CVE-2009-0723
   * SECURITY UPDATE: Arbitrary code execution due to buffer overflow
     - debian/patches/11_security_CVE-2009-0581_0723_0733.dpatch: add
       _cmsValidateLUT() and use in src/cmsio1.c and src/cmslut.c.
     - CVE-2009-0733
Checksums-Sha1: 
 a457443126a49cc0b2f4e3f67c854eac7d6885b9 1383 lcms_1.17.dfsg-1ubuntu2.dsc
 2db4269baa9a6f3a4fb837417ccaa192bdba5f0a 12019 lcms_1.17.dfsg-1ubuntu2.diff.gz
Checksums-Sha256: 
 8d2ed1881d2b74760b145785f4dab7e16118b5f3d9cc7ca58dd8a3e28c06ec04 1383 lcms_1.17.dfsg-1ubuntu2.dsc
 39c540275f3b21beec7075e738ecc2b35a43d970b937ebf29c2824535930e048 12019 lcms_1.17.dfsg-1ubuntu2.diff.gz
Files: 
 d7ca7b546a62292479f8fe1c2936dde2 1383 libs optional lcms_1.17.dfsg-1ubuntu2.dsc
 90996467ebb7c2c16b8ff42e1da32492 12019 libs optional lcms_1.17.dfsg-1ubuntu2.diff.gz
Original-Maintainer: Oleksandr Moskalenko <malex at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAknM4poACgkQW0JvuRdL8BpCZACeLkctd96jxODY+120KKUZOiPB
UBkAoJJQJkLdEGMhZiU1lB7IlLQtnBWC
=ilFZ
-----END PGP SIGNATURE-----

More information about the Jaunty-changes mailing list