[ubuntu/karmic-security] libpng, libpng (delayed) 1.2.37-1ubuntu0.2 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Thu Jul 8 14:03:46 BST 2010
libpng (1.2.37-1ubuntu0.2) karmic-security; urgency=low
* SECURITY UPDATE: arbitrary code execution from additional data row via
malformed PNG image
- debian/patches/03-CVE-2010-1205.patch: check for unexpected data
after the last row in pngpread.c.
- CVE-2010-1205
* SECURITY UPDATE: denial of service via memory leak from malformed sCAL
chunks
- debian/patches/04-CVE-2010-2249.patch: properly free memory in
pngrutil.c.
- CVE-2010-2249
Date: Mon, 05 Jul 2010 11:44:13 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/libpng/1.2.37-1ubuntu0.2
-------------- next part --------------
Format: 1.8
Date: Mon, 05 Jul 2010 11:44:13 -0400
Source: libpng
Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb
Architecture: source
Version: 1.2.37-1ubuntu0.2
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libpng12-0 - PNG library - runtime
libpng12-0-udeb - PNG library - minimal runtime library (udeb)
libpng12-dev - PNG library - development
libpng3 - PNG library - runtime
Changes:
libpng (1.2.37-1ubuntu0.2) karmic-security; urgency=low
.
* SECURITY UPDATE: arbitrary code execution from additional data row via
malformed PNG image
- debian/patches/03-CVE-2010-1205.patch: check for unexpected data
after the last row in pngpread.c.
- CVE-2010-1205
* SECURITY UPDATE: denial of service via memory leak from malformed sCAL
chunks
- debian/patches/04-CVE-2010-2249.patch: properly free memory in
pngrutil.c.
- CVE-2010-2249
Checksums-Sha1:
cfec6824de5906252b1fbb3956ed4af1b97ad95b 1293 libpng_1.2.37-1ubuntu0.2.dsc
c3a0adc9fafd3948c9a440aab0139545e36dba31 20129 libpng_1.2.37-1ubuntu0.2.diff.gz
Checksums-Sha256:
4788d66b354a115837ecf4fbd829ec03296f22ca2becbd248efabc63c38fd04b 1293 libpng_1.2.37-1ubuntu0.2.dsc
02aae897569d458040400c1a77f7dd3881df49b4c7f90220e459bab95c1b1c46 20129 libpng_1.2.37-1ubuntu0.2.diff.gz
Files:
fce0b2fd543aeff27d47fb91f12af053 1293 libs optional libpng_1.2.37-1ubuntu0.2.dsc
f230ec37944a0150ffc83cfdddc7c906 20129 libs optional libpng_1.2.37-1ubuntu0.2.diff.gz
Original-Maintainer: Anibal Monsalve Salazar <anibal at debian.org>
More information about the Karmic-changes
mailing list