[ubuntu/natty-security] libpng 1.2.44-1ubuntu3.2 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Thu Feb 16 18:34:19 UTC 2012
libpng (1.2.44-1ubuntu3.2) natty-security; urgency=low
* SECURITY UPDATE: fix integer overflow / truncation
- debian/patches/05-CVE-2011-3026.patch: adjust pngrutil.c to verify size
when allocating memory in png_decompress_chunk()
- CVE-2011-3026
Date: Wed, 15 Feb 2012 21:16:54 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/libpng/1.2.44-1ubuntu3.2
-------------- next part --------------
Format: 1.8
Date: Wed, 15 Feb 2012 21:16:54 -0600
Source: libpng
Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb
Architecture: source
Version: 1.2.44-1ubuntu3.2
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description:
libpng12-0 - PNG library - runtime
libpng12-0-udeb - PNG library - minimal runtime library (udeb)
libpng12-dev - PNG library - development
libpng3 - PNG library - runtime
Changes:
libpng (1.2.44-1ubuntu3.2) natty-security; urgency=low
.
* SECURITY UPDATE: fix integer overflow / truncation
- debian/patches/05-CVE-2011-3026.patch: adjust pngrutil.c to verify size
when allocating memory in png_decompress_chunk()
- CVE-2011-3026
Checksums-Sha1:
845bc5f403723e303741a1c8303202b6ff579c96 1950 libpng_1.2.44-1ubuntu3.2.dsc
79aecebd52098f46af0171ffdb43b1343c050b0b 17094 libpng_1.2.44-1ubuntu3.2.debian.tar.bz2
Checksums-Sha256:
8e1cb3475fc7e4d8c8434bf5eea1b00f8530c830951702fd134cfe362dae102e 1950 libpng_1.2.44-1ubuntu3.2.dsc
0f0ed838756f7251a5db5f68390c78640940830a5236a2f5b93232d7de367e5d 17094 libpng_1.2.44-1ubuntu3.2.debian.tar.bz2
Files:
143f134fe43f19dc8920f378eadd8b1e 1950 libs optional libpng_1.2.44-1ubuntu3.2.dsc
5e9cca7451530e2c4cfe04170da0d154 17094 libs optional libpng_1.2.44-1ubuntu3.2.debian.tar.bz2
Original-Maintainer: Anibal Monsalve Salazar <anibal at debian.org>
More information about the Natty-changes
mailing list