[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

please hint libpng 1.2.13-4 (with udeb)


Please hint libpng 1.2.13-4 (with udeb). It fixes CVE-2006-5793
and CVE-2006-3334.

The new changelog entries (not in etch) are:

libpng (1.2.13-4) unstable; urgency=low

  * Removed drop_pass_width patch. Closes: #399499.

libpng (1.2.13-3) unstable; urgency=low

  * libpng12-dev: removed the conflict with libpng3-dev.

libpng (1.2.13-2) unstable; urgency=low

  * Put back binary package libpng3.

libpng (1.2.13-1) unstable; urgency=low

  * Fixed conflict with the new libpng package. Closes: #399296.
  * Fixed png.5 man page formatting. Closes: #353061.
    Patch by Kevin Ryde <user42@zip.com.au>.

libpng (1.2.13-0) unstable; urgency=high

  * New upstream release.
  * CVE-2006-5793: Fixed a new security issue regarding malformed
    sPLT chunks. Closes: #398706.
  * Transitional package libpng3 is not shipped anymore.
    Closes: #369104.

libpng (1.2.12-0) unstable; urgency=high

  * New upstream release. Closes: #366070.
  * CVE-2006-3334: Fixed Buffer overflow in the png_decompress_chunk
    function in pngrutil.c in libpng before 1.2.12 allows
    context-dependent attackers to cause a denial of service and
    possibly execute arbitrary code via unspecified vectors related
    to "chunk error processing," possibly involving the "chunk_name".
    Closes: #397892.
  * Removed debian/x86_patches/pnggccrd-PIC.patch as it's merged

Best Regards,

Aníbal Monsalve Salazar

Attachment: signature.asc
Description: Digital signature

Reply to: