[ubuntu/lucid-security] libpng 1.2.42-1ubuntu2.3 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Thu Feb 16 18:35:37 UTC 2012
libpng (1.2.42-1ubuntu2.3) lucid-security; urgency=low
* SECURITY UPDATE: fix integer overflow / truncation
- debian/patches/08-CVE-2011-3026.patch: adjust pngrutil.c to verify size
when allocating memory in png_decompress_chunk()
- CVE-2011-3026
Date: Wed, 15 Feb 2012 21:22:27 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/libpng/1.2.42-1ubuntu2.3
-------------- next part --------------
Format: 1.8
Date: Wed, 15 Feb 2012 21:22:27 -0600
Source: libpng
Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb
Architecture: source
Version: 1.2.42-1ubuntu2.3
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description:
libpng12-0 - PNG library - runtime
libpng12-0-udeb - PNG library - minimal runtime library (udeb)
libpng12-dev - PNG library - development
libpng3 - PNG library - runtime
Changes:
libpng (1.2.42-1ubuntu2.3) lucid-security; urgency=low
.
* SECURITY UPDATE: fix integer overflow / truncation
- debian/patches/08-CVE-2011-3026.patch: adjust pngrutil.c to verify size
when allocating memory in png_decompress_chunk()
- CVE-2011-3026
Checksums-Sha1:
ef9d11686a895191f144732d79d5ddc5be0b1560 1939 libpng_1.2.42-1ubuntu2.3.dsc
2affb83b8de9aa85e27f8e143d5ff03dbb8aa831 20857 libpng_1.2.42-1ubuntu2.3.debian.tar.bz2
Checksums-Sha256:
1aae5905428802dc447c58b9410609d061ad6d02957bfbae472734e7d8357546 1939 libpng_1.2.42-1ubuntu2.3.dsc
03a3d3d0061d1a427c145f640942344c7553bbce5f9bbe81003bf337db80cd43 20857 libpng_1.2.42-1ubuntu2.3.debian.tar.bz2
Files:
9ca5008bb19deeabe9a7e8b403080a4b 1939 libs optional libpng_1.2.42-1ubuntu2.3.dsc
c8cd074da3e06b4ddfb623d98e551724 20857 libs optional libpng_1.2.42-1ubuntu2.3.debian.tar.bz2
Original-Maintainer: Anibal Monsalve Salazar <anibal at debian.org>
More information about the Lucid-changes
mailing list