[ubuntu/trusty-security] pixman 0.30.2-2ubuntu1.2 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Tue Dec 11 17:30:14 UTC 2018


pixman (0.30.2-2ubuntu1.2) trusty-security; urgency=medium

  * SECURITY UPDATE: general_composite_rect() integer overflow
    - debian/patches/CVE-2015-5297-pre1.patch: ensure that iter buffers are
      aligned to 16 bytes in pixman/pixman-general.c,
      pixman/pixman-private.h, pixman/pixman-utils.c.
    - debian/patches/CVE-2015-5297-pre2.patch: use floating point combiners
      for all operators that involve divisions in pixman/pixman-general.c.
    - debian/patches/CVE-2015-5297-1.patch: fix stack related pointer
      arithmetic overflow in pixman/pixman-general.c.
    - debian/patches/CVE-2015-5297-2.patch: tighten up calculation of
      temporary buffer sizes in pixman/pixman-general.c.
    - debian/patches/disable_test.patch: disable blitters test as the
      correct CRC is unknown.
    - CVE-2015-5297

Date: 2018-12-11 14:19:18.468046+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/pixman/0.30.2-2ubuntu1.2
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list