[ubuntu/natty-security] libpng 1.2.44-1ubuntu3.2 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Thu Feb 16 18:34:19 UTC 2012 

libpng (1.2.44-1ubuntu3.2) natty-security; urgency=low

  * SECURITY UPDATE: fix integer overflow / truncation
    - debian/patches/05-CVE-2011-3026.patch: adjust pngrutil.c to verify size
      when allocating memory in png_decompress_chunk()
    - CVE-2011-3026

Date: Wed, 15 Feb 2012 21:16:54 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/libpng/1.2.44-1ubuntu3.2
-------------- next part --------------
Format: 1.8
Date: Wed, 15 Feb 2012 21:16:54 -0600
Source: libpng
Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb
Architecture: source
Version: 1.2.44-1ubuntu3.2
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 libpng12-0 - PNG library - runtime
 libpng12-0-udeb - PNG library - minimal runtime library (udeb)
 libpng12-dev - PNG library - development
 libpng3    - PNG library - runtime
Changes: 
 libpng (1.2.44-1ubuntu3.2) natty-security; urgency=low
 .
   * SECURITY UPDATE: fix integer overflow / truncation
     - debian/patches/05-CVE-2011-3026.patch: adjust pngrutil.c to verify size
       when allocating memory in png_decompress_chunk()
     - CVE-2011-3026
Checksums-Sha1: 
 845bc5f403723e303741a1c8303202b6ff579c96 1950 libpng_1.2.44-1ubuntu3.2.dsc
 79aecebd52098f46af0171ffdb43b1343c050b0b 17094 libpng_1.2.44-1ubuntu3.2.debian.tar.bz2
Checksums-Sha256: 
 8e1cb3475fc7e4d8c8434bf5eea1b00f8530c830951702fd134cfe362dae102e 1950 libpng_1.2.44-1ubuntu3.2.dsc
 0f0ed838756f7251a5db5f68390c78640940830a5236a2f5b93232d7de367e5d 17094 libpng_1.2.44-1ubuntu3.2.debian.tar.bz2
Files: 
 143f134fe43f19dc8920f378eadd8b1e 1950 libs optional libpng_1.2.44-1ubuntu3.2.dsc
 5e9cca7451530e2c4cfe04170da0d154 17094 libs optional libpng_1.2.44-1ubuntu3.2.debian.tar.bz2
Original-Maintainer: Anibal Monsalve Salazar <anibal at debian.org>

More information about the Natty-changes mailing list