Ubuntu
libpng package

lp:~ubuntu-branches/ubuntu/lucid/libpng/lucid-201002130207

Lucid (10.04)
lucid-201002130207

Created by James Westby on 2010-02-13 and last modified on 2010-02-13

Get this branch:: bzr branch lp:~ubuntu-branches/ubuntu/lucid/libpng/lucid-201002130207

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Ready for review for merging into lp:ubuntu/lucid/libpng

No reviews requested

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Status:: Development

Recent revisions

23. By Steve Langasek on 2010-01-25: releasing version 1.2.40-1ubuntu1
22. By Steve Langasek on 2010-01-25: Move libpng from /usr/lib to /lib, so that plymouth is usable on systems
with a separate /usr.
21. By Anibal Monsalve Salazar on 2009-10-07: New upstream release
20. By Anibal Monsalve Salazar on 2009-06-04: New upstream release
19. By Anibal Monsalve Salazar on 2009-05-22: * New upstream release
* Standards-Version is 3.8.1
* debhelper compat is 7
* Run dh_prep instead of dh_clean -k
18. By Anibal Monsalve Salazar on 2009-02-21: * New upstream release
  - http://secunia.com/advisories/33970/
    Fix a vulnerability reported by Tavis Ormandy in which
    some arrays of pointers are not initialized prior to using
    "malloc" to define the pointers.
    Closes: #516256
  - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5907
    The png_check_keyword function in pngwutil.c in libpng, might
    allow context-dependent attackers to set the value of an
    arbitrary memory location to zero via vectors involving
    creation of crafted PNG files with keywords, related to an
    implicit cast of the '\0' character constant to a NULL pointer.
* Don't build libpng3 when binary-indep target is not called.
  Closes: #486415
17. By Jamie Strandboge on 2009-03-05: * SECURITY UPDATE: denial of service and possible execution of arbitrary
  code via crafted image (LP: #338027)
  - debian/patches/02-CVE-2009-0040.diff: initialize pointers in pngread.c,
    pngrtans.c, pngset.c and example.c
  - CVE-2009-0040
* SECURITY UPDATE: denial of service via incorrect memory assignment
  (LP: #324258)
  - debian/patches/02-CVE-2008-5907.diff: update pngwutil.c to properly set
    new_key to NULL string
  - CVE-2008-5907
16. By Matthias Klose on 2008-11-16: debian/rules: Work around missing definition of ECHO.
15. By Anibal Monsalve Salazar on 2008-10-04: * Fix CVE-2008-3964: off-by-one error in pngtest.c; closes: #501109
* Standards-Version is 3.8.0
14. By Anibal Monsalve Salazar on 2008-04-29: * New upstream release
* Patches merged upstream:
debian/patches/02-476669-CVE-2008-1382.diff
debian/patches/03-404514-png.5.diff
* Run ./autogen.sh

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/lucid/libpng

This branch contains Public information

Everyone can see this information.

Subscribers

James Westby

Ubuntulibpng package