Debian
libpng package

lp:debian/wheezy/libpng

Wheezy (7.0)
wheezy

Created by James Westby on 2011-02-12 and last modified on 2012-04-09

Get this branch:: bzr branch lp:debian/wheezy/libpng

Members of Ubuntu branches can upload to this branch. Log in for directions.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Status:: Development

Recent revisions

33. By Anibal Monsalve Salazar on 2012-04-09

* New upstream version 1.2.49
  - Fix CVE-2011-3048 (memory corruption flaw)
    Closes: 667475
  - Don't crash with electric fence memory debugger
    Closes: 668082
* Merged upstream: 02-665208-CVE-2012-3045.patch

32. By Anibal Monsalve Salazar on 2012-03-27

* Fix Buffer overflow
  Fix CVE-2012-3045
  Add 02-665208-CVE-2012-3045.patch
  Closes: 665208
* Standards Version is 3.9.3

31. By Anibal Monsalve Salazar on 2012-02-19

New upstream version 1.2.47

The purpose of this release is to fix the dangerous CVE-2011-3026.
The libpng patch is different from the one that was distributed
earlier by Chromium, in that the libpng user limit feature is not
crippled by the patch.

Remove 02-660026-CVE-2011-3026.patch

30. By Anibal Monsalve Salazar on 2012-02-16

Check for both truncation (64-bit platforms) and integer overflow
Fix CVE-2011-3026
Add 02-660026-CVE-2011-3026.patch
Closes: 660026

29. By Nobuhiro Iwamatsu on 2012-01-09

Update debian/rules.
Enabled hardened build flags. (Closes: #654149)

28. By Anibal Monsalve Salazar on 2011-07-27

libpng12-0-udeb: Don't use bzip2 compression
Closes: 634865

27. By Nobuhiro Iwamatsu on 2011-07-15

* New upstream release (Closes: #633871).
  - Fix CVE: CVE-2011-2690
    Buffer overwrite in png_rgb_to_gray
  - CVE: CVE-2011-2691
    Crash in png_default_error due to use of NULL Pointer
  - CVE: CVE-2011-2692
    Memory corruption when handling empty sCAL chunks
  - Update patches/01-legacy.patch
  - Remove patches/02-632786-CVE-2011-2501.patch. Applied to upstream.

26. By Anibal Monsalve Salazar on 2011-07-06

* Fixed 1-byte uninitialized memory reference in png_format_buffer()
  Fix CVE-2011-2501
  Add debian/patches/02-632786-CVE-2011-2501.patch
  Closes: 632786
* Standards version is 3.9.2
* Fix xc-package-type-in-debian-control
* Fix debian-rules-missing-recommended-target

25. By Anibal Monsalve Salazar on 2011-03-13

debian/libpng3.links: fix up the compat symlink to point to /lib
Patch by Steve Langasek
Closes: #579074, LP: #284325

24. By Anibal Monsalve Salazar on 2010-06-26

New upstream release
Stop memory leak when reading a malformed sCAL chunk

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:debian/libpng

This branch contains Public information

Everyone can see this information.

Subscribers

Ubuntu branches

Debianlibpng package