[ubuntu/trusty-security] libpng 1.2.50-1ubuntu2.14.04.2 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Jan 6 17:32:02 UTC 2016

libpng (1.2.50-1ubuntu2.14.04.2) trusty-security; urgency=medium

  * SECURITY UPDATE: overflows in png_handle_zTXt(), png_handle_sPLT(),
    png_handle_pCAL(), and png_set_PLTE()
    - debian/patches/CVE-2015-8472.patch: check lengths in pngrutil.c,
      properly use info_ptr in pngset.c.
    - CVE-2015-8472
  * SECURITY UPDATE: out-of-range read in png_check_keyword()
    - debian/patches/CVE-2015-8540.patch: check key_len in pngwutil.c.
    - CVE-2015-8540

Date: 2015-12-18 15:15:16.028049+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Trusty-changes mailing list