Accepted gdk-pixbuf 0.22.0-8.1 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 20 Nov 2005 19:53:41 +0100
Source: gdk-pixbuf
Binary: libgdk-pixbuf-gnome-dev libgdk-pixbuf-dev libgdk-pixbuf-gnome2 libgdk-pixbuf2
Architecture: source i386
Version: 0.22.0-8.1
Distribution: stable-security
Urgency: high
Maintainer: Ryan Murray <rmurray@debian.org>
Changed-By: Loic Minier <lool@dooz.org>
Description:
libgdk-pixbuf-dev - The GdkPixBuf library - development files
libgdk-pixbuf-gnome-dev - The GNOME1 GdkPixBuf library - development files
libgdk-pixbuf-gnome2 - The GNOME1 Canvas pixbuf library
libgdk-pixbuf2 - The GdkPixBuf image library, gtk+ 1.2 version
Closes: 339458
Changes:
gdk-pixbuf (0.22.0-8.1) stable-security; urgency=high
.
* Non-maintainer upload targetted at stable-security.
* SECURITY UPDATE: Arbitrary code execution and DoS. (Closes: #339458)
- Add check to XPM reader to prevent integer overflow for specially
crafted number of colors.
[gdk-pixbuf/io-xpm.c] [CVE-2005-3186]
- Fix endless loop with specially crafted number of colors.
[gdk-pixbuf/io-xpm.c] [CVE-2005-2975]
- Fixes integer overflow by allocating GdkPixbuf via gdk_pixbuf_new()
instead of using malloc() and gdk_pixbuf_new_from_data().
[gdk-pixbuf/io-xpm.c] [CVE-2005-2976]
Files:
7a800a91469430a28ab1900ebb92ba83 709 libs optional gdk-pixbuf_0.22.0-8.1.dsc
4db0503b5a62533db68b03908b981751 519266 libs optional gdk-pixbuf_0.22.0.orig.tar.gz
20d149f93e8093e4dbb365e9278ce741 372331 libs optional gdk-pixbuf_0.22.0-8.1.diff.gz
0f6b383d15e21f02a9db0f3b58d31864 172140 oldlibs optional libgdk-pixbuf2_0.22.0-8.1_i386.deb
3b6d8fc4ebc1314a35c307dd51ec1e1f 7354 oldlibs optional libgdk-pixbuf-gnome2_0.22.0-8.1_i386.deb
0f2d4af07ce624a4fa3af2e0964e91a3 150416 oldlibs optional libgdk-pixbuf-dev_0.22.0-8.1_i386.deb
4e0d60fa4cebefe5c434fbe2e5bf16e6 7860 oldlibs optional libgdk-pixbuf-gnome-dev_0.22.0-8.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDgN9L4VUX8isJIMARAtU4AKC4XI2ohMnPHPG+gb/MxFn1jsoZGwCdEA4I
eWeqvOhpKLvRdWscvmnzvUM=
=w/sy
-----END PGP SIGNATURE-----
Accepted:
gdk-pixbuf_0.22.0-8.1.diff.gz
to pool/main/g/gdk-pixbuf/gdk-pixbuf_0.22.0-8.1.diff.gz
gdk-pixbuf_0.22.0-8.1.dsc
to pool/main/g/gdk-pixbuf/gdk-pixbuf_0.22.0-8.1.dsc
libgdk-pixbuf-dev_0.22.0-8.1_i386.deb
to pool/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_i386.deb
libgdk-pixbuf-gnome-dev_0.22.0-8.1_i386.deb
to pool/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_i386.deb
libgdk-pixbuf-gnome2_0.22.0-8.1_i386.deb
to pool/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_i386.deb
libgdk-pixbuf2_0.22.0-8.1_i386.deb
to pool/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_i386.deb
Reply to: