[Bug 597957] ACK of sync request
Daniel Holbach
daniel.holbach at ubuntu.com
Thu Jun 24 07:29:32 BST 2010
ACKed.
** Changed in: netpbm-free (Ubuntu)
Status: New => Triaged
--
Please sync netpbm-free 2:10.0-12.2 (main) from Debian unstable (main).
https://bugs.launchpad.net/bugs/597957
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is a direct subscriber.
Status in “netpbm-free” package in Ubuntu: Triaged
Bug description:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
affects ubuntu/netpbm-free
status new
importance wishlist
subscribe ubuntu-main-sponsors
Please sync netpbm-free 2:10.0-12.2 (main) from Debian unstable (main).
Explanation of the Ubuntu delta and why it can be dropped:
We can sync the package as debian has incorporated the CVE fix affecting
ubuntu
Changelog since current maverick version 2:10.0-12.1ubuntu1:
netpbm-free (2:10.0-12.2) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* Fix stack-based buffer overflow when processing XPM
image header fields. This can result in the execution
of arbitrary code (CVE-2009-4274; Closes: #569060)
-- Nico Golde <nion at debian.org> Sun, 20 Jun 2010 14:27:25 +0200
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkwi6WkACgkQUlfC4uPMy3QfEQCg1iHcxtpzB0lOcieHDu0etB3A
wtAAoIInt++3jEaC6pO4N9CFmfEPG+kn
=XGIj
-----END PGP SIGNATURE-----
More information about the Ubuntu-sponsors
mailing list