[ubuntu/trusty-security] libpng 1.2.50-1ubuntu2.14.04.2 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Jan 6 17:32:02 UTC 2016
libpng (1.2.50-1ubuntu2.14.04.2) trusty-security; urgency=medium
* SECURITY UPDATE: overflows in png_handle_zTXt(), png_handle_sPLT(),
png_handle_pCAL(), and png_set_PLTE()
- debian/patches/CVE-2015-8472.patch: check lengths in pngrutil.c,
properly use info_ptr in pngset.c.
- CVE-2015-8472
* SECURITY UPDATE: out-of-range read in png_check_keyword()
- debian/patches/CVE-2015-8540.patch: check key_len in pngwutil.c.
- CVE-2015-8540
Date: 2015-12-18 15:15:16.028049+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libpng/1.2.50-1ubuntu2.14.04.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list