[ubuntu/vivid-security] libpng 1.2.51-0ubuntu3.15.04.2 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Jan 6 17:32:04 UTC 2016
libpng (1.2.51-0ubuntu3.15.04.2) vivid-security; urgency=medium
* SECURITY UPDATE: overflows in png_handle_zTXt(), png_handle_sPLT(),
png_handle_pCAL(), and png_set_PLTE()
- debian/patches/CVE-2015-8472.patch: check lengths in pngrutil.c,
properly use info_ptr in pngset.c.
- CVE-2015-8472
* SECURITY UPDATE: out-of-range read in png_check_keyword()
- debian/patches/CVE-2015-8540.patch: check key_len in pngwutil.c.
- CVE-2015-8540
Date: 2015-12-18 15:15:18.064388+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libpng/1.2.51-0ubuntu3.15.04.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Vivid-changes
mailing list