[ubuntu/oneiric-security] libpng 1.2.46-3ubuntu1.1 (Accepted)

Thu Feb 16 18:33:33 UTC 2012

libpng (1.2.46-3ubuntu1.1) oneiric-security; urgency=low

  * SECURITY UPDATE: fix integer overflow / truncation
    - debian/patches/CVE-2011-3026.patch: adjust pngrutil.c to verify size
      when allocating memory in png_decompress_chunk()
    - CVE-2011-3026

Date: Wed, 15 Feb 2012 21:10:29 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/oneiric/+source/libpng/1.2.46-3ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Wed, 15 Feb 2012 21:10:29 -0600
Source: libpng
Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb
Architecture: source
Version: 1.2.46-3ubuntu1.1
Distribution: oneiric-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 libpng12-0 - PNG library - runtime
 libpng12-0-udeb - PNG library - minimal runtime library (udeb)
 libpng12-dev - PNG library - development
 libpng3    - PNG library - runtime
Changes: 
 libpng (1.2.46-3ubuntu1.1) oneiric-security; urgency=low
 .
   * SECURITY UPDATE: fix integer overflow / truncation
     - debian/patches/CVE-2011-3026.patch: adjust pngrutil.c to verify size
       when allocating memory in png_decompress_chunk()
     - CVE-2011-3026
Checksums-Sha1: 
 a24fa16fa33977bfe111810ffd7123cf556642c8 1935 libpng_1.2.46-3ubuntu1.1.dsc
 5a9c50113f0601f936c0f29bb89b506308ddde0d 16215 libpng_1.2.46-3ubuntu1.1.debian.tar.bz2
Checksums-Sha256: 
 3fc9d2bdeb61c1c85699d8781e1a9c1be70a2fc15a70c22c44f93f7d4dc69a56 1935 libpng_1.2.46-3ubuntu1.1.dsc
 8f5bcb549d974871b6b575cc643a556d8fbdeda1cb5e9633d0d189d6b4f915a1 16215 libpng_1.2.46-3ubuntu1.1.debian.tar.bz2
Files: 
 8a414ef844500f816263aa896f47e3b2 1935 libs optional libpng_1.2.46-3ubuntu1.1.dsc
 5e6e4129c57d549395d5e4daee7de861 16215 libs optional libpng_1.2.46-3ubuntu1.1.debian.tar.bz2
Original-Maintainer: Anibal Monsalve Salazar <anibal at debian.org>