Public bug reported:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
affects ubuntu/netpbm-free
status new
importance wishlist
subscribe ubuntu-main-sponsors
Please sync netpbm-free 2:10.0-12.2 (main) from Debian unstable (main).
Explanation of the Ubuntu delta and why it can be dropped:
We can sync the package as debian has incorporated the CVE fix affecting
ubuntu
Changelog since current maverick version 2:10.0-12.1ubuntu1:
netpbm-free (2:10.0-12.2) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* Fix stack-based buffer overflow when processing XPM
image header fields. This can result in the execution
of arbitrary code (CVE-2009-4274; Closes: #569060)
-- Nico Golde <n...@debian.org> Sun, 20 Jun 2010 14:27:25 +0200
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkwi6WkACgkQUlfC4uPMy3QfEQCg1iHcxtpzB0lOcieHDu0etB3A
wtAAoIInt++3jEaC6pO4N9CFmfEPG+kn
=XGIj
-----END PGP SIGNATURE-----
** Affects: netpbm-free (Ubuntu)
Importance: Wishlist
Status: New
--
Please sync netpbm-free 2:10.0-12.2 (main) from Debian unstable (main).
https://bugs.launchpad.net/bugs/597957
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
