libpng (1.2.54-1ubuntu1) xenial; urgency=medium * SECURITY UPDATE: overflows in png_handle_zTXt(), png_handle_sPLT(), png_handle_pCAL(), and png_set_PLTE() - debian/patches/CVE-2015-8472.patch: check lengths in pngrutil.c, properly use info_ptr in pngset.c. - CVE-2015-8472 * SECURITY UPDATE: out-of-range read in png_check_keyword() - debian/patches/CVE-2015-8540.patch: check key_len in pngwutil.c. - CVE-2015-8540
Date: Wed, 06 Jan 2016 12:39:08 -0500 Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com> Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> https://launchpad.net/ubuntu/+source/libpng/1.2.54-1ubuntu1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 06 Jan 2016 12:39:08 -0500 Source: libpng Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb Architecture: source Version: 1.2.54-1ubuntu1 Distribution: xenial Urgency: medium Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com> Description: libpng12-0 - PNG library - runtime libpng12-0-udeb - PNG library - minimal runtime library (udeb) libpng12-dev - PNG library - development libpng3 - PNG library - runtime Changes: libpng (1.2.54-1ubuntu1) xenial; urgency=medium . * SECURITY UPDATE: overflows in png_handle_zTXt(), png_handle_sPLT(), png_handle_pCAL(), and png_set_PLTE() - debian/patches/CVE-2015-8472.patch: check lengths in pngrutil.c, properly use info_ptr in pngset.c. - CVE-2015-8472 * SECURITY UPDATE: out-of-range read in png_check_keyword() - debian/patches/CVE-2015-8540.patch: check key_len in pngwutil.c. - CVE-2015-8540 Checksums-Sha1: a902254f30c88caae891ae7fe0d60f597c1caedf 2115 libpng_1.2.54-1ubuntu1.dsc 9a31b8ced7b99185a624ff93cfe3ef5fe4b998fd 18612 libpng_1.2.54-1ubuntu1.debian.tar.xz Checksums-Sha256: 3522cc6f379d27741b54121bba552cb5b1d0525fd1f6aa9942e774527828b13d 2115 libpng_1.2.54-1ubuntu1.dsc b0edf2c01a4dcefa88c26d0e5ddafc3bada204acce665e7a16ab0133b580cc0b 18612 libpng_1.2.54-1ubuntu1.debian.tar.xz Files: e835f0ad60d3c9b34a61299c6b35f0bd 2115 libs optional libpng_1.2.54-1ubuntu1.dsc 561c35340c9a0cb27b78735dd17f072d 18612 libs optional libpng_1.2.54-1ubuntu1.debian.tar.xz Original-Maintainer: Anibal Monsalve Salazar <ani...@debian.org> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWjVdjAAoJEGVp2FWnRL6T4UEP/23DlsafkHnst6F2TuNvUYPe vEfD6+O99POxcm2oFUyNM2VW9VhxlAkU7dJbxM6gnxikwh29cr+uzRLxrhnl5mz2 MpdtrqVa3TZO/YteueDQt62YT1MDGIY4q5kUXohd3xVVMJx5aKZfacJZibbKlC4b 4jVZHsLqKtTDIkzzNRMdK4V2g1lR7DoQRlnprb4JDARa/6PKbpQ8SefER3fkmw5A tG4Nu3O9hJtFMsHhw9Ej1fnHJ8+4zD0Qt25meFKFYsqXWi7h8W5EbmpN+WZ5zUHx ztJF47Nf370p4RU5qYRoCfXUneCZ+nxm233f8txNGpPKTU9BY6nELodcPI/1iFEy Ni4CTaF3AZ0nmjtaw97aYi7G/fjkcfm/4pz3+anV5ptj3ARVKvFsUFNymxAiUWj9 UgrT48lUhqQ0d+59zMgPZwhtfyUhIsrJ9+cecPeaL+6FHOjEFaQx/W0i64mRHDeX //FTb+mXU1mwo2Sv2HH/i6zEi4SCWnCd158X/H9Yi6Ud2UpA2/xAYCCRgXUxao/6 FuyV+TUsihG72w+UK+akp0Xgvu8pBHwJ4NPPWt6KYp9QddwyM9etNYrSBeX7x2Gs p7F8XtmO6K4creh4msFjDRbcqSE4nMGD4E8WvpwBSe7PjJMFsPbfyg3l+2MaRdyp 4YpA2abxeUUDAZHqvXEN =GTHp -----END PGP SIGNATURE-----
-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes