[Bug 821591] [NEW] Sync libpng 1.2.46-3 (main) from Debian unstable (main)

Launchpad Bug Tracker 821591 at bugs.launchpad.net
Fri Aug 5 17:30:38 UTC 2011 

You have been subscribed to a public bug by Marc Deslauriers (mdeslaur):

Please sync libpng 1.2.46-3 (main) from Debian unstable (main)

Explanation of the Ubuntu delta and why it can be dropped:
- All Ubuntu changes are now in the debian package

Changelog entries since current oneiric version 1.2.44-2ubuntu1:

libpng (1.2.46-3) unstable; urgency=low

  * libpng12-0-udeb: Don't use bzip2 compression
    Closes: 634865

 -- Anibal Monsalve Salazar <anibal at debian.org>  Wed, 27 Jul 2011
12:44:46 +1000

libpng (1.2.46-2) unstable; urgency=low

  [ Steve Langasek ]
  * Build for multiarch.  Requires converting libpng3 from Arch: all to
    Arch: any. Closes: 634151
  * Drop debian/libpng12-0-udeb.dirs, which just adds a pointless empty
    directory to the udeb.

  [ Anibal Monsalve Salazar ]
  * Fix doc-base file
    Closes: 633944, 633957, 634120
  * Pass "-Zbzip2 -z9" to dpkg-deb

 -- Anibal Monsalve Salazar <anibal at debian.org>  Mon, 18 Jul 2011
22:05:48 +1000

libpng (1.2.46-1) unstable; urgency=high

  * New upstream release (Closes: #633871).
    - Fix CVE: CVE-2011-2690
      Buffer overwrite in png_rgb_to_gray
    - CVE: CVE-2011-2691
      Crash in png_default_error due to use of NULL Pointer
    - CVE: CVE-2011-2692
      Memory corruption when handling empty sCAL chunks
    - Update patches/01-legacy.patch
    - Remove patches/02-632786-CVE-2011-2501.patch. Applied to upstream.

 -- Nobuhiro Iwamatsu <iwamatsu at debian.org>  Fri, 15 Jul 2011 11:47:49
+0900

libpng (1.2.44-3) unstable; urgency=high

  * Fix 1-byte uninitialized memory reference in png_format_buffer()
    Fix CVE-2011-2501
    Add debian/patches/02-632786-CVE-2011-2501.patch
    Closes: 632786
  * Standards version is 3.9.2
  * Fix xc-package-type-in-debian-control
  * Fix debian-rules-missing-recommended-target

 -- Anibal Monsalve Salazar <anibal at debian.org>  Wed, 06 Jul 2011
10:04:32 +1000

** Affects: libpng (Ubuntu)
     Importance: Wishlist
         Status: Confirmed

-- 
Sync libpng 1.2.46-3 (main) from Debian unstable (main)
https://bugs.launchpad.net/bugs/821591
You received this bug notification because you are a member of Ubuntu Package Archive Administrators, which is subscribed to the bug report.

More information about the ubuntu-archive mailing list