lp:ubuntu/dapper-security/imlib2
- Get this branch:
- bzr branch lp:ubuntu/dapper-security/imlib2
Branch merges
Branch information
Recent revisions
- 8. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and code execution via load function
in the XPM loader (LP: #235915)
- debian/patches/ 99_z11_ SECURITY_ CVE-2008- 2426.patch: add checks to make sure
we don't overflow the buffers in XPM loader. (PNG loader was already fixed
by 99_loader_overflows. patch)
- CVE-2008-2426 - 7. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and code execution via load function
in the XPM loader (LP: #302825)
- debian/patches/ 100_SECURITY_ CVE-2008- 5187.patch: do not adjust for
DATA32 size as pointer is already DATA32*.
- CVE-2008-5187 - 6. By Kees Cook
-
Fixed 'debian/
patches/ 99_loader_ overflows. patch' to correctly handle JPG
file loading (Closes Ubuntu #70278). - 5. By Kees Cook
-
* SECURITY UPDATE: multiple overflows found in image loaders allowing
for arbitrary code execution.
* Add 'debian/patches/ 99_loader_ overflows. patch': bounds check image
sizes in argb, jpeg, lbm, png, pnm, tga, and tiff loaders.
* References
CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809 - 4. By Laurence J. Lane
-
src/lib/rend.c: upstream CVS patch fixes crash in digikam.
Reported by <email address hidden>. Thanks. Closes: #318013 - 3. By Steve Langasek
-
* Non-maintainer upload.
* High-urgency upload for sarge-targetted RC bugfix.
* Drop the Requires: line from imlib2.pc.in, since there's nothing in
the current code that will populate it with a proper pkg-config
dependency list. Closes: #286636. - 2. By Joey Hess <email address hidden>
-
* NMU with the following changes taken from the Ubuntu patch by Martin Pitt
Closes: #284925
* SECURITY UPDATE: fix several buffer overflows
* loaders/loader_ bmp.c: check for negative image width/height
* loaders/loader_ xpm.c:
- check for negative image attributes
- check the length of the "col" buffer to avoid overflowing it
- patch taken from upstream CVS
* References:
CAN-2004-1025
CAN-2004-1026
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/imlib2