Accepted libpng3 1.2.5.0-7 (i386 source all)

To: debian-devel-changes@lists.debian.org
Subject: Accepted libpng3 1.2.5.0-7 (i386 source all)
From: Josselin Mouette <joss@debian.org>
Date: Thu, 05 Aug 2004 07:18:08 -0400
Message-id: <[🔎] E1BsgG8-0006j0-00@newraff.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu,  5 Aug 2004 12:37:32 +0200
Source: libpng3
Binary: libpng3-dev libpng12-dev libpng12-0 libpng12-0-udeb libpng3
Architecture: source all i386
Version: 1.2.5.0-7
Distribution: unstable
Urgency: high
Maintainer: Josselin Mouette <joss@debian.org>
Changed-By: Josselin Mouette <joss@debian.org>
Description: 
 libpng12-0 - PNG library - runtime
 libpng12-0-udeb - PNG library - minimal runtime library (udeb)
 libpng12-dev - PNG library - development
 libpng3    - PNG library - runtime
 libpng3-dev - PNG library - development, compatibility package
Closes: 263500
Changes: 
 libpng3 (1.2.5.0-7) unstable; urgency=high
 .
   * pngrtran.c: applied upstream patch 4 to fix incorrect calculation of
     buffer offsets [CAN-2004-0768].
   * png.h, pngpread.c, pngrutil.c: patch from Chris Evans
     <chris@scary.beasts.org> to fix several vulnerabilities (closes: #263500):
     + libpng fails to properly check length on PNG data [CAN-2004-0597].
     + libpng "png_handle_sBIT" does not perform proper checks to avoid stack
       buffer overflow [CAN-2004-0597].
     + libpng "png_handle_iCCP" possible NULL-pointer crash
       [CAN-2004-0598].
     + libpng "png_handle_sPLT" possible integer overflow
       [CAN-2004-0599].
     + libpng "png_read_png" does not properly handle a PNG with excessive
       height (integer overflow) [CAN-2004-0599].
     + libpng progressive reading integer overflow [CAN-2004-0599].
Files: 
 156ff5587d1ca56c3a3c1ec8c8238138 635 libs optional libpng3_1.2.5.0-7.dsc
 688f6347dbee0df26e23705185502bca 13820 libs optional libpng3_1.2.5.0-7.diff.gz
 c6664206b2830de36ca68835b46f5097 940 libs optional libpng3_1.2.5.0-7_all.deb
 2cf77494dd1af5cb1731feed361ebb95 934 libdevel optional libpng3-dev_1.2.5.0-7_all.deb
 713dfd2e484f2d762d6864f024ff5eff 110100 libs optional libpng12-0_1.2.5.0-7_i386.deb
 83d090e3cc2782f054aa4680ef3711fa 238510 libdevel optional libpng12-dev_1.2.5.0-7_i386.deb
 4ca10db90ca9d491ce26b8094a8e0ce1 71140 debian-installer optional libpng12-0-udeb_1.2.5.0-7_i386.udeb
package-type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBEhQRrSla4ddfhTMRAroiAKCc8R1qMK+4AZEd1bhZT5b7krtjHwCfVY5z
/yAj+zrbkAfBgBNzAlgfu60=
=UbVb
-----END PGP SIGNATURE-----


Accepted:
libpng12-0-udeb_1.2.5.0-7_i386.udeb
  to pool/main/libp/libpng3/libpng12-0-udeb_1.2.5.0-7_i386.udeb
libpng12-0_1.2.5.0-7_i386.deb
  to pool/main/libp/libpng3/libpng12-0_1.2.5.0-7_i386.deb
libpng12-dev_1.2.5.0-7_i386.deb
  to pool/main/libp/libpng3/libpng12-dev_1.2.5.0-7_i386.deb
libpng3-dev_1.2.5.0-7_all.deb
  to pool/main/libp/libpng3/libpng3-dev_1.2.5.0-7_all.deb
libpng3_1.2.5.0-7.diff.gz
  to pool/main/libp/libpng3/libpng3_1.2.5.0-7.diff.gz
libpng3_1.2.5.0-7.dsc
  to pool/main/libp/libpng3/libpng3_1.2.5.0-7.dsc
libpng3_1.2.5.0-7_all.deb
  to pool/main/libp/libpng3/libpng3_1.2.5.0-7_all.deb

Reply to:

Prev by Date: Accepted python-omniorb2 2.4-2 (i386 source all)
Next by Date: Accepted libpng 1.0.15-6 (i386 source all)
Previous by thread: Accepted python-omniorb2 2.4-2 (i386 source all)
Next by thread: Accepted libpng 1.0.15-6 (i386 source all)
Index(es):
- Date
- Thread