[ubuntu/maverick-security] libpng 1.2.44-1ubuntu0.2 (Accepted)

Thu Feb 16 18:34:59 UTC 2012

libpng (1.2.44-1ubuntu0.2) maverick-security; urgency=low

  * SECURITY UPDATE: fix integer overflow / truncation
    - debian/patches/05-CVE-2011-3026.patch: adjust pngrutil.c to verify size
      when allocating memory in png_decompress_chunk()
    - CVE-2011-3026

Date: Wed, 15 Feb 2012 21:18:29 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/libpng/1.2.44-1ubuntu0.2
-------------- next part --------------
Format: 1.8
Date: Wed, 15 Feb 2012 21:18:29 -0600
Source: libpng
Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb
Architecture: source
Version: 1.2.44-1ubuntu0.2
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 libpng12-0 - PNG library - runtime
 libpng12-0-udeb - PNG library - minimal runtime library (udeb)
 libpng12-dev - PNG library - development
 libpng3    - PNG library - runtime
Changes: 
 libpng (1.2.44-1ubuntu0.2) maverick-security; urgency=low
 .
   * SECURITY UPDATE: fix integer overflow / truncation
     - debian/patches/05-CVE-2011-3026.patch: adjust pngrutil.c to verify size
       when allocating memory in png_decompress_chunk()
     - CVE-2011-3026
Checksums-Sha1: 
 08216bb69964d3a3ed4a85208ecaa3e765a33a50 1939 libpng_1.2.44-1ubuntu0.2.dsc
 d0e885088b9c2068790091e3111c2a8be2661388 16835 libpng_1.2.44-1ubuntu0.2.debian.tar.bz2
Checksums-Sha256: 
 dce3999687decfe77e5a0d02b2864410388713ceb1e85a9e8d144a5f0d3e491b 1939 libpng_1.2.44-1ubuntu0.2.dsc
 d875a54944c81b9a09a64b30039821418d2d2cfdf0b5a5975224b19ae824de3d 16835 libpng_1.2.44-1ubuntu0.2.debian.tar.bz2
Files: 
 2f5035ea3d6a6fe101e2b2a27d5c890e 1939 libs optional libpng_1.2.44-1ubuntu0.2.dsc
 da18bce8a39ebfe33f4dec06b7f858b3 16835 libs optional libpng_1.2.44-1ubuntu0.2.debian.tar.bz2
Original-Maintainer: Anibal Monsalve Salazar <anibal at debian.org>