Package: libpng
Version: 1.2.8rel-5.1
Severity: normal
Tags: patch
Hi,
Attached is the diff for my libpng 1.2.8rel-5.2 NMU.
diff -u libpng-1.2.8rel/debian/changelog libpng-1.2.8rel/debian/changelog
--- libpng-1.2.8rel/debian/changelog
+++ libpng-1.2.8rel/debian/changelog
@@ -1,3 +1,12 @@
+libpng (1.2.8rel-5.2) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Backport changes from 1.2.12 to fix a buffer overflow in
+ png_decompress_chunk; patch by Alec Berryman. [CVE-2006-3334]
+ (Closes: #377298)
+
+ -- Steinar H. Gunderson <[EMAIL PROTECTED]> Sun, 16 Jul 2006 16:27:56 +0200
+
libpng (1.2.8rel-5.1) unstable; urgency=low
* Non Maintainer Upload (closes: #356252).
only in patch2:
unchanged:
--- libpng-1.2.8rel.orig/pngrutil.c
+++ libpng-1.2.8rel/pngrutil.c
@@ -275,7 +275,7 @@
if (ret != Z_STREAM_END)
{
#if !defined(PNG_NO_STDIO) && !defined(_WIN32_WCE)
- char umsg[50];
+ char umsg[52];
if (ret == Z_BUF_ERROR)
sprintf(umsg,"Buffer error in compressed datastream in %s chunk",
