[ubuntu/karmic] openexr 1.6.1-4ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Sep 15 17:45:13 BST 2009


openexr (1.6.1-4ubuntu2) karmic; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    multiple integer overflows
    - debian/patches/security_CVE-2009-1720.diff: make sure we don't
      overflow INT_MAX in IlmImf/{ImfPizCompressor,ImfPreviewImage,
      ImfPxr24Compressor,ImfRleCompressor,ImfZipCompressor}.cpp.
    - CVE-2009-1720
  * SECURITY UPDATE: denial of service and possible code execution via
    uninitialized pointer free in Imf::hufUncompress
    - debian/patches/security_CVE-2009-1721.diff: introduce
      hufClearDecTable function and use it to clear out hdec in
      IlmImf/ImfHuf.cpp.
    - CVE-2009-1721

Date: Mon, 14 Sep 2009 14:35:41 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/openexr/1.6.1-4ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 14 Sep 2009 14:35:41 -0400
Source: openexr
Binary: openexr libopenexr-dev libopenexr6
Architecture: source
Version: 1.6.1-4ubuntu2
Distribution: karmic
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libopenexr-dev - development files for the OpenEXR image library
 libopenexr6 - runtime files for the OpenEXR image library
 openexr    - viewer and docs for the OpenEXR image format
Changes: 
 openexr (1.6.1-4ubuntu2) karmic; urgency=low
 .
   * SECURITY UPDATE: denial of service and possible code execution via
     multiple integer overflows
     - debian/patches/security_CVE-2009-1720.diff: make sure we don't
       overflow INT_MAX in IlmImf/{ImfPizCompressor,ImfPreviewImage,
       ImfPxr24Compressor,ImfRleCompressor,ImfZipCompressor}.cpp.
     - CVE-2009-1720
   * SECURITY UPDATE: denial of service and possible code execution via
     uninitialized pointer free in Imf::hufUncompress
     - debian/patches/security_CVE-2009-1721.diff: introduce
       hufClearDecTable function and use it to clear out hdec in
       IlmImf/ImfHuf.cpp.
     - CVE-2009-1721
Checksums-Sha1: 
 703b333dabdbe5794d177cf79a21c199f9b684c8 1407 openexr_1.6.1-4ubuntu2.dsc
 4c4b0abaea6adb6ee1a89f049cc122ce3c640ebb 11369 openexr_1.6.1-4ubuntu2.diff.gz
Checksums-Sha256: 
 3b61f818d443ce404ddd0964fb870e4bf51ad929ff4b63dd7901d84d64b04fe9 1407 openexr_1.6.1-4ubuntu2.dsc
 987ec596ef44a1d52960c429fd0c3a41d6d23e42058082a913347216c8c00a54 11369 openexr_1.6.1-4ubuntu2.diff.gz
Files: 
 75c495d3dac25b7c217e5d7dea1ca820 1407 graphics optional openexr_1.6.1-4ubuntu2.dsc
 8b29fc11a12572ec344ae1eff1ce80e5 11369 graphics optional openexr_1.6.1-4ubuntu2.diff.gz
Original-Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkqvw3oACgkQW0JvuRdL8BqatQCcCyeI7H/ZKS8jFnnB/6dPpc7u
WmwAnidWlYp27iBEo6Lg86TfEbB56AVo
=Se2/
-----END PGP SIGNATURE-----


More information about the Karmic-changes mailing list