[ubuntu/natty-security] libpng 1.2.44-1ubuntu3.1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Tue Jul 26 17:03:57 UTC 2011
libpng (1.2.44-1ubuntu3.1) natty-security; urgency=low
* SECURITY UPDATE: denial of service via error message data
- debian/patches/02-CVE-2011-2501.patch: correctly calculate length in
pngerror.c.
- CVE-2011-2501
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via crafted PNG image
- debian/patches/03-CVE-2011-2690.patch: validate coefficients in
pngrtran.c.
- CVE-2011-2690
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via invalid sCAL chunks
- debian/patches/04-CVE-2011-2692.patch: check sCAL chunk length in
pngrutil.c.
- CVE-2011-2692
Date: Tue, 26 Jul 2011 08:29:58 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/libpng/1.2.44-1ubuntu3.1
-------------- next part --------------
Format: 1.8
Date: Tue, 26 Jul 2011 08:29:58 -0400
Source: libpng
Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb
Architecture: source
Version: 1.2.44-1ubuntu3.1
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libpng12-0 - PNG library - runtime
libpng12-0-udeb - PNG library - minimal runtime library (udeb)
libpng12-dev - PNG library - development
libpng3 - PNG library - runtime
Changes:
libpng (1.2.44-1ubuntu3.1) natty-security; urgency=low
.
* SECURITY UPDATE: denial of service via error message data
- debian/patches/02-CVE-2011-2501.patch: correctly calculate length in
pngerror.c.
- CVE-2011-2501
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via crafted PNG image
- debian/patches/03-CVE-2011-2690.patch: validate coefficients in
pngrtran.c.
- CVE-2011-2690
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via invalid sCAL chunks
- debian/patches/04-CVE-2011-2692.patch: check sCAL chunk length in
pngrutil.c.
- CVE-2011-2692
Checksums-Sha1:
caaa29e96c6d951c89c0fe99b3649c76fa741b47 1950 libpng_1.2.44-1ubuntu3.1.dsc
abc9f1dfb1a7c264a70f352a33fcfd02420fe6af 16615 libpng_1.2.44-1ubuntu3.1.debian.tar.bz2
Checksums-Sha256:
b26bfd527fb0a20c7373c1d29ca25e0599866e6df8ffd3391162278137233c46 1950 libpng_1.2.44-1ubuntu3.1.dsc
2d8060ba59fbe2d49e02d790086fc50bd3b635d083771b4aabe1e941e8964fa4 16615 libpng_1.2.44-1ubuntu3.1.debian.tar.bz2
Files:
f0c2b9aa49b2aee489ca1273e6a570e4 1950 libs optional libpng_1.2.44-1ubuntu3.1.dsc
e2f4a15ab20b19905fc20f828baa5b64 16615 libs optional libpng_1.2.44-1ubuntu3.1.debian.tar.bz2
Original-Maintainer: Anibal Monsalve Salazar <anibal at debian.org>
More information about the Natty-changes
mailing list