[ubuntu/trusty-updates] gdk-pixbuf 2.30.7-0ubuntu1.6 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Sep 21 19:58:19 UTC 2016
gdk-pixbuf (2.30.7-0ubuntu1.6) trusty-security; urgency=medium
* SECURITY UPDATE: Fix a write out-of-bounds error parsing a malicious ico
- debian/patches/CVE-2016-6352.patch: Be more careful when parsing ico
headers. Based on upstream patch.
- Thanks to Franco Costantini for discovering this issue using QuickFuzz.
- CVE-2016-6352
* SECURITY UPDATE: Fix a heap-based buffer overflow
- debian/patches/CVE-2015-7552.patch: Protect against overflow. Based on
upstream patches.
- CVE-2015-7552
* SECURITY UPDATE: Fix multiple integer overflows
- debian/patches/CVE-2015-8875.patch: use gint64 in more places to avoid
overflow when shifting
- CVE-2015-8875
Date: 2016-09-21 15:10:13.071365+00:00
Changed-By: Emily Ratliff <emily.ratliff at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/gdk-pixbuf/2.30.7-0ubuntu1.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list