Bug#595171: CVE-2010-1519

2010-10-07 Thread Paul Wise
On Thu, Oct 7, 2010 at 5:47 AM, Moritz Muehlenhoff wrote: > We should do that. Can you take care of an chromium-bsu upload? Uploaded just now. -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe".

Bug#595171: CVE-2010-1519

2010-10-06 Thread Moritz Muehlenhoff
On Fri, Sep 03, 2010 at 12:15:09PM +0800, Paul Wise wrote: > On Thu, Sep 2, 2010 at 9:08 PM, Christoph Egger wrote: > > >    Would be probably best to get rid of glpng soon then (pabs: how's > > the status on cromium-bsu there?). Unfortunately I'm VAC for another > > week and probably offline mos

Bug#595171: CVE-2010-1519

2010-09-10 Thread Hans de Goede
Hi, >I had a quick search about this problem. Seems the fedora side [0] > has a bit more detail but not much. Probably we can share patch with > Hans who is working on a Fedora solution. > [0] https://bugzilla.redhat.com/show_bug.cgi?id=623831 Just a quick update that I've a patch which I

Bug#595171: CVE-2010-1519

2010-09-04 Thread Paul Wise
On Sat, Sep 4, 2010 at 1:15 AM, Moritz Muehlenhoff wrote: > According to the changelog chromium-bsu ships an embedded code copy > of libglpng? In that case it might be a good solution to revert to > the internal copy and simply remove the standalone version. I removed the glpng embedded code cop

Bug#595171: CVE-2010-1519

2010-09-03 Thread Moritz Muehlenhoff
Hi, On Fri, Sep 03, 2010 at 12:15:09PM +0800, Paul Wise wrote: > On Thu, Sep 2, 2010 at 9:08 PM, Christoph Egger wrote: > > >    Would be probably best to get rid of glpng soon then (pabs: how's > > the status on cromium-bsu there?). Unfortunately I'm VAC for another > > week and probably offlin

Bug#595171: CVE-2010-1519

2010-09-02 Thread Paul Wise
On Thu, Sep 2, 2010 at 9:08 PM, Christoph Egger wrote: >    Would be probably best to get rid of glpng soon then (pabs: how's > the status on cromium-bsu there?). Unfortunately I'm VAC for another > week and probably offline most of the time (as well as keyless). The SDL_Image loader released wi

Bug#595171: CVE-2010-1519

2010-09-02 Thread Christoph Egger
Hi all! Moritz Muehlenhoff writes: > Package: libglpng > Severity: grave > Tags: security > > Hi, > the following vulnerability has been reported in libglpng: > > http://secunia.com/secunia_research/2010-87/ > > This is CVE-2010-1519 > > Cheers, > Moritz I had a quick search about th

Bug#595171: CVE-2010-1519

2010-09-01 Thread Moritz Muehlenhoff
Package: libglpng Severity: grave Tags: security Hi, the following vulnerability has been reported in libglpng: http://secunia.com/secunia_research/2010-87/ This is CVE-2010-1519 Cheers, Moritz -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500