lp:ubuntu/lucid/libpng

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/lucid/libpng
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Development

Recent revisions

25. By Marc Deslauriers

* SECURITY UPDATE: denial of service via decompression bomb (LP: #533140)
  - debian/patches/02-CVE-2010-0205.patch: use new two-pass decompression
    method in pngrutil.c.
  - CVE-2010-0205

24. By Steve Langasek

* Merge from Debian testing. Remaining changes:
  - Move libpng from /usr/lib to /lib, so that plymouth is usable on
    systems with a separate /usr.

23. By Steve Langasek

Move libpng from /usr/lib to /lib, so that plymouth is usable on systems
with a separate /usr.

22. By Anibal Monsalve Salazar

* New upstream release
* Debian source format is 3.0 (quilt)
* Update debian/watch
* Add 02-export-png_set_strip_error_numbers.patch
  Define PNG_ERROR_NUMBERS_SUPPORTED
  Upstream doesn't define PNG_ERROR_NUMBERS_SUPPORTED since 1.2.41. As
  a consecuence, the symbol png_set_strip_error_numbe@@PNG12_0 wasn't
  exported.

21. By Anibal Monsalve Salazar

New upstream release

20. By Anibal Monsalve Salazar

New upstream release

19. By Anibal Monsalve Salazar

* New upstream release
* Standards-Version is 3.8.1
* debhelper compat is 7
* Run dh_prep instead of dh_clean -k

18. By Anibal Monsalve Salazar

* New upstream release
  - http://secunia.com/advisories/33970/
    Fix a vulnerability reported by Tavis Ormandy in which
    some arrays of pointers are not initialized prior to using
    "malloc" to define the pointers.
    Closes: #516256
  - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5907
    The png_check_keyword function in pngwutil.c in libpng, might
    allow context-dependent attackers to set the value of an
    arbitrary memory location to zero via vectors involving
    creation of crafted PNG files with keywords, related to an
    implicit cast of the '\0' character constant to a NULL pointer.
* Don't build libpng3 when binary-indep target is not called.
  Closes: #486415

17. By Jamie Strandboge

* SECURITY UPDATE: denial of service and possible execution of arbitrary
  code via crafted image (LP: #338027)
  - debian/patches/02-CVE-2009-0040.diff: initialize pointers in pngread.c,
    pngrtans.c, pngset.c and example.c
  - CVE-2009-0040
* SECURITY UPDATE: denial of service via incorrect memory assignment
  (LP: #324258)
  - debian/patches/02-CVE-2008-5907.diff: update pngwutil.c to properly set
    new_key to NULL string
  - CVE-2008-5907

16. By Matthias Klose

debian/rules: Work around missing definition of ECHO.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/maverick/libpng
This branch contains Public information 
Everyone can see this information.

Subscribers