Public bug reported: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
affects ubuntu/netpbm-free status new importance wishlist subscribe ubuntu-main-sponsors Please sync netpbm-free 2:10.0-12.2 (main) from Debian unstable (main). Explanation of the Ubuntu delta and why it can be dropped: We can sync the package as debian has incorporated the CVE fix affecting ubuntu Changelog since current maverick version 2:10.0-12.1ubuntu1: netpbm-free (2:10.0-12.2) unstable; urgency=high * Non-maintainer upload by the Security Team. * Fix stack-based buffer overflow when processing XPM image header fields. This can result in the execution of arbitrary code (CVE-2009-4274; Closes: #569060) -- Nico Golde <n...@debian.org> Sun, 20 Jun 2010 14:27:25 +0200 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkwi6WkACgkQUlfC4uPMy3QfEQCg1iHcxtpzB0lOcieHDu0etB3A wtAAoIInt++3jEaC6pO4N9CFmfEPG+kn =XGIj -----END PGP SIGNATURE----- ** Affects: netpbm-free (Ubuntu) Importance: Wishlist Status: New -- Please sync netpbm-free 2:10.0-12.2 (main) from Debian unstable (main). https://bugs.launchpad.net/bugs/597957 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs