[ubuntu/lucid-security] dvipng, dvipng (delayed) 1.12-3ubuntu0.1 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Thu May 6 14:03:36 BST 2010
dvipng (1.12-3ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via SetVF memory corruption
(LP: #537638)
- dvipng.h, draw.c, vf.c, set.c: make sure glyph index doesn't
overflow. Patch by Jan-Ake Larsson.
- CVE-2010-0829
Date: Tue, 27 Apr 2010 09:34:06 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/dvipng/1.12-3ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Tue, 27 Apr 2010 09:34:06 -0400
Source: dvipng
Binary: dvipng
Architecture: source
Version: 1.12-3ubuntu0.1
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
dvipng - convert DVI files to PNG graphics
Launchpad-Bugs-Fixed: 537638
Changes:
dvipng (1.12-3ubuntu0.1) lucid-security; urgency=low
.
* SECURITY UPDATE: arbitrary code execution via SetVF memory corruption
(LP: #537638)
- dvipng.h, draw.c, vf.c, set.c: make sure glyph index doesn't
overflow. Patch by Jan-Ake Larsson.
- CVE-2010-0829
Checksums-Sha1:
a770175698d035e3e54708c8473ce71fdcfc744b 1285 dvipng_1.12-3ubuntu0.1.dsc
06679d02b15e2986137270f1edbd04a0e1c70b4d 5701 dvipng_1.12-3ubuntu0.1.diff.gz
Checksums-Sha256:
66125fd552aa9cfe239e86e9cc548c0c767cb3d1e7c756de86b6c8019939c9b5 1285 dvipng_1.12-3ubuntu0.1.dsc
d4d77302a5bb8ffe2c8df79d235402a9913d72bd2b39df97f3ce2274cf9a2a05 5701 dvipng_1.12-3ubuntu0.1.diff.gz
Files:
3fad39f6fd7c4354e2197a28d799222c 1285 utils optional dvipng_1.12-3ubuntu0.1.dsc
a4a8c25123f44e6f975775b651a851ad 5701 utils optional dvipng_1.12-3ubuntu0.1.diff.gz
Original-Maintainer: Varun Hiremath <varun at debian.org>
More information about the Lucid-changes
mailing list