Publishing details

Published on 2011-01-12

Changelog

libpng (1.2.37-1ubuntu0.2) karmic-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution from additional data row via
    malformed PNG image
    - debian/patches/03-CVE-2010-1205.patch: check for unexpected data
      after the last row in pngpread.c.
    - CVE-2010-1205
  * SECURITY UPDATE: denial of service via memory leak from malformed sCAL
    chunks
    - debian/patches/04-CVE-2010-2249.patch: properly free memory in
      pngrutil.c.
    - CVE-2010-2249
 -- Marc Deslauriers <email address hidden>   Mon, 05 Jul 2010 11:44:13 -0400

Available diffs

diff from 1.2.37-1 (in Ubuntu) to 1.2.37-1ubuntu0.2 (5.7 KiB)

Builds

Built packages

libpng12-0 PNG library - runtime

libpng12-0-udeb PNG library - minimal runtime library

libpng12-dev PNG library - development

libpng3 PNG library - runtime

Package files

libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb (72.2 KiB)
libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb (68.8 KiB)
libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb (69.4 KiB)
libpng12-0_1.2.37-1ubuntu0.2_amd64.deb (171.1 KiB)
libpng12-0_1.2.37-1ubuntu0.2_i386.deb (167.4 KiB)
libpng12-0_1.2.37-1ubuntu0.2_lpia.deb (168.5 KiB)
libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb (258.5 KiB)
libpng12-dev_1.2.37-1ubuntu0.2_i386.deb (248.0 KiB)
libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb (250.5 KiB)
libpng3_1.2.37-1ubuntu0.2_all.deb (926 bytes)
libpng_1.2.37-1ubuntu0.2.diff.gz (20.0 KiB)
libpng_1.2.37-1ubuntu0.2.dsc (1.5 KiB)
libpng_1.2.37.orig.tar.gz (786.5 KiB)