Sync openexr 1.6.1-4.1 (main) from Debian testing (main)

Bug #484384 reported by Loïc Minier
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openexr (Ubuntu)
Fix Released
Wishlist
Unassigned

Bug Description

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 affects ubuntu/openexr
 status confirmed
 importance wishlist
 subscribe ubuntu-archive
 done

Please sync openexr 1.6.1-4.1 (main) from Debian testing (main)

Explanation of the Ubuntu delta and why it can be dropped:
Security patches were merged in unstable and the hppa testsuite workaround is
not needed anymore since we don't support hppa in lucid anyway and it's only
for older hppa kernels on buildds -- not truly a source problem.

Changelog entries since current lucid version 1.6.1-4ubuntu3:

openexr (1.6.1-4.1) unstable; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fixed CVE-2009-1720: Integer overflows in Imf::PreviewImage::PreviewImage
    and integer overflows in compressor constructors
  * Fixed CVE-2009-1721: uninitialized pointers in Imf::hufUncompress
  * Patch stolen from stable-security, thanks to Cyril Brulebois
    (Closes: #550424)

 -- Giuseppe Iuculano <email address hidden> Wed, 21 Oct 2009 23:54:35 +0200

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAksC770ACgkQ4VUX8isJIMB0pgCgjjdDpG6r1Z5ZJT6//gTJXxIf
IKkAnjvhnFqpayO2tLAcjqAT90Qj4wGP
=CtUS
-----END PGP SIGNATURE-----

--
Loïc Minier

Revision history for this message
Sebastien Bacher (seb128) wrote :

[Updating] openexr (1.6.1-4ubuntu3 [Ubuntu] < 1.6.1-4.1 [Debian])
 * Trying to add openexr...
  - <openexr_1.6.1-4.1.dsc: downloading from http://ftp.debian.org/debian/>
  - <openexr_1.6.1.orig.tar.gz: already in distro - downloading from librarian>
  - <openexr_1.6.1-4.1.diff.gz: downloading from http://ftp.debian.org/debian/>
I: openexr [main] -> openexr_1.6.1-4ubuntu3 [universe].
I: openexr [main] -> libopenexr-dev_1.6.1-4ubuntu3 [main].
I: openexr [main] -> libopenexr6_1.6.1-4ubuntu3 [main].

Changed in openexr (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.