[ubuntu/quantal] libpng 1.2.49-1ubuntu1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Thu May 24 14:25:43 UTC 2012
libpng (1.2.49-1ubuntu1) quantal; urgency=low
* Merge from Debian unstable. Remaining changes:
- Revert to gzip compression for libpng12-0's data tarball. Packages in
the base system may not use bzip2.
libpng (1.2.49-1) unstable; urgency=high
* New upstream version 1.2.49
- Fix CVE-2011-3048 (memory corruption flaw)
Closes: 667475
- Don't crash with electric fence memory debugger
Closes: 668082
* Merged upstream: 02-665208-CVE-2012-3045.patch
libpng (1.2.47-2) unstable; urgency=high
* Fix Buffer overflow
Fix CVE-2012-3045
Add 02-665208-CVE-2012-3045.patch
Closes: 665208
* Standards Version is 3.9.3
libpng (1.2.47-1) unstable; urgency=low
* New upstream version 1.2.47
The purpose of this release is to fix the dangerous CVE-2011-3026.
The libpng patch is different from the one that was distributed
earlier by Chromium, in that the libpng user limit feature is not
crippled by the patch.
Remove 02-660026-CVE-2011-3026.patch
libpng (1.2.46-5) unstable; urgency=high
* Check for both truncation (64-bit platforms) and integer overflow
Fix CVE-2011-3026
Add 02-660026-CVE-2011-3026.patch
Closes: 660026
libpng (1.2.46-4) unstable; urgency=low
* Update debian/rules.
Enabled hardened build flags. (Closes: #654149)
Date: Thu, 24 May 2012 10:13:23 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/quantal/+source/libpng/1.2.49-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 24 May 2012 10:13:23 -0400
Source: libpng
Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb
Architecture: source
Version: 1.2.49-1ubuntu1
Distribution: quantal
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libpng12-0 - PNG library - runtime
libpng12-0-udeb - PNG library - minimal runtime library (udeb)
libpng12-dev - PNG library - development
libpng3 - PNG library - runtime
Closes: 654149 660026 665208 667475 668082
Changes:
libpng (1.2.49-1ubuntu1) quantal; urgency=low
.
* Merge from Debian unstable. Remaining changes:
- Revert to gzip compression for libpng12-0's data tarball. Packages in
the base system may not use bzip2.
.
libpng (1.2.49-1) unstable; urgency=high
.
* New upstream version 1.2.49
- Fix CVE-2011-3048 (memory corruption flaw)
Closes: 667475
- Don't crash with electric fence memory debugger
Closes: 668082
* Merged upstream: 02-665208-CVE-2012-3045.patch
.
libpng (1.2.47-2) unstable; urgency=high
.
* Fix Buffer overflow
Fix CVE-2012-3045
Add 02-665208-CVE-2012-3045.patch
Closes: 665208
* Standards Version is 3.9.3
.
libpng (1.2.47-1) unstable; urgency=low
.
* New upstream version 1.2.47
.
The purpose of this release is to fix the dangerous CVE-2011-3026.
The libpng patch is different from the one that was distributed
earlier by Chromium, in that the libpng user limit feature is not
crippled by the patch.
.
Remove 02-660026-CVE-2011-3026.patch
.
libpng (1.2.46-5) unstable; urgency=high
.
* Check for both truncation (64-bit platforms) and integer overflow
Fix CVE-2011-3026
Add 02-660026-CVE-2011-3026.patch
Closes: 660026
.
libpng (1.2.46-4) unstable; urgency=low
.
* Update debian/rules.
Enabled hardened build flags. (Closes: #654149)
Checksums-Sha1:
4e154b6a7fb4a176fab8b2999727bd76f9695a8d 2083 libpng_1.2.49-1ubuntu1.dsc
93cdd7e4fe01b490cf045e3f354ab38f0200c540 669011 libpng_1.2.49.orig.tar.bz2
759ab7de664ada20f5588cfef521c9e5c0ce671b 16360 libpng_1.2.49-1ubuntu1.debian.tar.bz2
Checksums-Sha256:
7ac217e6680c0b8a7034c8b9796c91371e89545b9d86a465ad487f9a016d4714 2083 libpng_1.2.49-1ubuntu1.dsc
fbf8faa70ebca2ed2ee6df6f2249f4722517b581af5b6c3c71bbdaf925d5954e 669011 libpng_1.2.49.orig.tar.bz2
4263238fafd1cceeac6b9275fc493a877408a4464ec4db859ab0b503c72f20c6 16360 libpng_1.2.49-1ubuntu1.debian.tar.bz2
Files:
b0021c4e87c0458a1b16684d74aafc3f 2083 libs optional libpng_1.2.49-1ubuntu1.dsc
d5106b70b4f8b464a7da66bffe4565fb 669011 libs optional libpng_1.2.49.orig.tar.bz2
d6c056f53d1d38a5e72c01b703a8c2ea 16360 libs optional libpng_1.2.49-1ubuntu1.debian.tar.bz2
Original-Maintainer: Anibal Monsalve Salazar <anibal at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCgAGBQJPvkSJAAoJEGVp2FWnRL6TY8sP/1iY3ghhlvaDlUYnTcUY4xq9
mNyTriNP9xLJcnWp1j2c+PzwpEax5jlEsEZYX8ZVlre29o2dWWlmabK2oD1t1Wmz
bylJ3d+PuRYOzTN9fiJ3JK4pR9NUt16bd6RtyDS55Tiy+y2saqSuiKy0JJYxH89X
tBLw5XLYVVrt0JXHZb5pJbL8HVg98husHVktqMqajr9UUAtuDj7Dp7hn3UTtxilK
rQUfjVp7zH+ki54JF970fBFWRrYil3UnAUkm7Dbg+ILoJzqV8jBIyXDrH12T6iFg
iEP5PJ6QJ/7H41i4DhNSpef3r1+hRo2eiQH2U8VA/HGqh9iaV4cKZokn425Uvhs6
STHxlbsfYKJ+8UBR0VCd8nJFMRfqGExFYyQK+ujn9ktOggt63/KlSJh7SErpU4tN
mWpaw8WWx5/+a/+RR10EMUlGaAuC3odJCAaXT8PaJtrbOKVPbMVqYkwpsqL/HBWb
mUuTNSV6mel/CBEr6l1NaGrCYkU+Tor3uBC70dXlxT4351m7dVtH7MntAc0kNLEC
gZrhAHcvPM2dNMW86sks4ixtoChbRss2lnWJ2U2592hqkorxutJWPJtoaMOBK28K
p9y8tGs/CIvKahZKYfzp3UWg3oFZCSDEwxHSDz+zHh6wxCpRoLhLcH+VuBb4Hd/d
IKWopCtJYZS/w5Vc5/+y
=ySVS
-----END PGP SIGNATURE-----
More information about the Quantal-changes
mailing list