[ubuntu/jaunty-security] dvipng, dvipng (delayed) 1.11-1ubuntu0.9.04.1 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Thu May 6 14:05:15 BST 2010
dvipng (1.11-1ubuntu0.9.04.1) jaunty-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via SetVF memory corruption
(LP: #537638)
- debian/patches/security-CVE-2010-0829.patch: make sure glyph index
doesn't overflow in dvipng.h, draw.c, vf.c, set.c.
- CVE-2010-0829
Date: Thu, 29 Apr 2010 08:49:45 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/dvipng/1.11-1ubuntu0.9.04.1
-------------- next part --------------
Format: 1.8
Date: Thu, 29 Apr 2010 08:49:45 -0400
Source: dvipng
Binary: dvipng
Architecture: source
Version: 1.11-1ubuntu0.9.04.1
Distribution: jaunty-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
dvipng - convert DVI files to PNG graphics
Launchpad-Bugs-Fixed: 537638
Changes:
dvipng (1.11-1ubuntu0.9.04.1) jaunty-security; urgency=low
.
* SECURITY UPDATE: arbitrary code execution via SetVF memory corruption
(LP: #537638)
- debian/patches/security-CVE-2010-0829.patch: make sure glyph index
doesn't overflow in dvipng.h, draw.c, vf.c, set.c.
- CVE-2010-0829
Checksums-Sha1:
eb48659140886c8facbfc23824c6a8158d493546 1359 dvipng_1.11-1ubuntu0.9.04.1.dsc
6606077a9a5cd8b79f63f85166281f6b88c5ca9c 5637 dvipng_1.11-1ubuntu0.9.04.1.diff.gz
Checksums-Sha256:
2ce72017f7bc3fd408795d4f7feb8cc87626dc3a67d32ebdb29275c41664481a 1359 dvipng_1.11-1ubuntu0.9.04.1.dsc
38614de7075450a1054aaa30a02656b460a96eba63764275975a7821604a7a92 5637 dvipng_1.11-1ubuntu0.9.04.1.diff.gz
Files:
639e1723ccc0ff923d3172d43bc62d41 1359 utils optional dvipng_1.11-1ubuntu0.9.04.1.dsc
dabdea489ab5eb30b69d29a32b25a8d3 5637 utils optional dvipng_1.11-1ubuntu0.9.04.1.diff.gz
Original-Maintainer: Varun Hiremath <varun at debian.org>
More information about the Jaunty-changes
mailing list