Ubuntu
gdk-pixbuf package

lp:ubuntu/hoary-security/gdk-pixbuf

  1. Hoary (5.04)
  2. hoary-security
Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/hoary-security/gdk-pixbuf
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Development

Recent revisions

4. By Martin Pitt

* SECURITY UPDATE: Arbitrary code execution and DoS.
* Fix integer overflow in XPM loader:
  - gdk-pixbuf/io-xpm.c, pixbuf_create_from_xpm(): Check n_col for integer
    overflow before allocating memory.
  - XPMs with specially crafted number of colors can lead to buffer overflow
    and arbitrary code execution.
  - CVE-2005-3186
* Fix another integer overflow in XPM loader:
  - gdk-pixbuf/io-xpm.c, pixbuf_create_from_xpm(): Use gdk_pixbuf_new()
    instead of low-level allocation since the latter did not check for
    integer overflows (width * height * number of colors).
  - CVE-2005-2976
* Fix endless loop in XPM loader:
  - gdk-pixbuf/io-xpm.c, file_buffer(): Avoid endless loop with specially
    crafted number of colors.
  - CVE-2005-2975

3. By Martin Pitt

* SECURITY UPDATE: Fix Denial of Service with malformed images.
* gdk-pixbuf/io-bmp.c, grow_buffer(): Fix double free() leading
  to a crash with malicious BMP images.
* References:
  CAN-2005-0891

2. By Sebastien Bacher

Sync with debian to fix the "undefined symbol" problem with g_try_malloc
(Warty: #2094).

1. By Sebastien Bacher

Import upstream version 0.22.0

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/karmic/gdk-pixbuf
This branch contains Public information 
Everyone can see this information.

Subscribers