[ubuntu/trusty-updates] pixman 0.30.2-2ubuntu1.2 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Dec 11 17:58:07 UTC 2018

pixman (0.30.2-2ubuntu1.2) trusty-security; urgency=medium

  * SECURITY UPDATE: general_composite_rect() integer overflow
    - debian/patches/CVE-2015-5297-pre1.patch: ensure that iter buffers are
      aligned to 16 bytes in pixman/pixman-general.c,
      pixman/pixman-private.h, pixman/pixman-utils.c.
    - debian/patches/CVE-2015-5297-pre2.patch: use floating point combiners
      for all operators that involve divisions in pixman/pixman-general.c.
    - debian/patches/CVE-2015-5297-1.patch: fix stack related pointer
      arithmetic overflow in pixman/pixman-general.c.
    - debian/patches/CVE-2015-5297-2.patch: tighten up calculation of
      temporary buffer sizes in pixman/pixman-general.c.
    - debian/patches/disable_test.patch: disable blitters test as the
      correct CRC is unknown.
    - CVE-2015-5297

Date: 2018-12-11 14:19:18.468046+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Trusty-changes mailing list