Ubuntu
libpng package

lp:ubuntu/gutsy-updates/libpng

  1. Gutsy (7.10)
  2. gutsy-updates
Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/gutsy-updates/libpng
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Development

Recent revisions

14. By Jamie Strandboge

* SECURITY UPDATE: denial of service and possible execution of arbitrary
  code via crafted image (LP: #338027)
  - initialize pointers in pngread.c, pngrtans.c, pngset.c and example.c
  - CVE-2009-0040
* SECURITY UPDATE: denial of service and possible execution of arbitrary
  code via crafted image (LP: #217128)
  - initialize "unknown" chunks in pngpread.c, pngrutil.c and pngset.c
  - CVE-2008-1382
* SECURITY UPDATE: denial of service via off-by-one error
  - shorten tIME_string to 29 bytes in pngtest.c
  - CVE-2008-3964
* SECURITY UPDATE: denial of service via incorrect memory assignment
  (LP: #324258)
  - update pngwutil.c to properly set new_key to NULL string
  - CVE-2008-5907

13. By Jamie Strandboge

* SECURITY UPDATE: denial of service via a crafted PNG image
* fix for pngpread.c and pngrutil.c to properly do bounds checking on read
  operations
* SECURITY UPDATE: denial of service via a crafted PNG image
* fix for pngset.c to properly check palette size in png_set_hIST
* References
  CVE-2007-5269
  CVE-2007-5268
* Modify Maintainer value to match the DebianMaintainerField
  specification.

12. By LaMont Jones

Trigger rebuild for hppa

11. By Anibal Monsalve Salazar

* It seems that a grayscale image with a malformed (bad CRC) tRNS
  chunk will crash libpng and mozilla. Closes: #424729.
  - CVE-2007-2445
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2007-2445
  - CERT Vulnerability Note VU#684664
    http://www.kb.cert.org/vuls/id/684664

10. By Anibal Monsalve Salazar

* Applied legacy_symbols.patch.
* Changed shlibs dependecy versions to ">= 1.2.13-4".
* libpng12-0: Added the following conflicts: mzscheme (<= 1:209-5),
  pngcrush (<= 1.5.10-2), pngmeta (<= 1.11-3), qemacs (<= 0.3.1-5),
  povray-3.5 (<= 3.5.0c-10).

9. By Anibal Monsalve Salazar

* New upstream release.
  - Fixed asm API functions not exported on amd64. Closes: #401044.
  - Fixed "libpng hangs when saving profile". Closes: #401423.
* Fixed "Incorrect shlibs information". Closes: #401465.
* Removed patches for png.h and pngconf.h.
* Updated debian/watch.

8. By Anibal Monsalve Salazar

Removed drop_pass_width patch. Closes: #399499.

7. By Anibal Monsalve Salazar

* New maintainer. Closes: #393109.
* ACK NMUs. Closes: #378463, #377298, #356252.
* debian/control:
  - set Standards-Version to 3.7.2.
  - set Priority to extra for libpng12-0-udeb.
  - added ${misc:Depends} to libpng12-0 and libpng12-0-udeb
    dependency lists.
* Added debian/watch file.

6. By Frans Pop <email address hidden>

* Non Maintainer Upload (closes: #356252).
* Add support for udeb dependency resolution in shlibs file.
* Update debhelper compatibility to level 5.

5. By Josselin Mouette <email address hidden>

* drop_pass_width.patch: don't export png_pass_width, it's absolutely
  unnecessary.
* libpng12-0.shlibs: downgrade the shlibs accordingly
  (closes: #331383).

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/karmic/libpng
This branch contains Public information 
Everyone can see this information.

Subscribers