Ubuntu
netpbm-free package

Please sync netpbm-free 2:10.0-12.2 (main) from Debian unstable (main).

Bug #597957 reported by Bhavani Shankar
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
netpbm-free (Ubuntu)
Fix Released
Wishlist
Unassigned

Bug Description

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 affects ubuntu/netpbm-free
 status new
 importance wishlist
 subscribe ubuntu-main-sponsors

Please sync netpbm-free 2:10.0-12.2 (main) from Debian unstable (main).

Explanation of the Ubuntu delta and why it can be dropped:

We can sync the package as debian has incorporated the CVE fix affecting
ubuntu

Changelog since current maverick version 2:10.0-12.1ubuntu1:

netpbm-free (2:10.0-12.2) unstable; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix stack-based buffer overflow when processing XPM
    image header fields. This can result in the execution
    of arbitrary code (CVE-2009-4274; Closes: #569060)

 -- Nico Golde <email address hidden> Sun, 20 Jun 2010 14:27:25 +0200

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkwi6WkACgkQUlfC4uPMy3QfEQCg1iHcxtpzB0lOcieHDu0etB3A
wtAAoIInt++3jEaC6pO4N9CFmfEPG+kn
=XGIj
-----END PGP SIGNATURE-----

Revision history for this message
Daniel Holbach (dholbach) wrote : ACK of sync request

ACKed.

Changed in netpbm-free (Ubuntu):
status: New → Triaged
Revision history for this message
Colin Watson (cjwatson) wrote :

2010-06-25 12:40:49 INFO netpbm-free_10.0.orig.tar.gz: already in distro - downloading from librarian
[Updating] netpbm-free (2:10.0-12.1ubuntu1 [Ubuntu] < 2:10.0-12.2 [Debian])
 * Trying to add netpbm-free...
2010-06-25 12:40:50 INFO - <netpbm-free_10.0-12.2.dsc: downloading from http://ftp.debian.org/debian/>
2010-06-25 12:40:50 INFO - <netpbm-free_10.0-12.2.diff.gz: downloading from http://ftp.debian.org/debian/>
2010-06-25 12:40:50 INFO - <netpbm-free_10.0.orig.tar.gz: cached>
I: netpbm-free [main] -> netpbm_2:10.0-12.1ubuntu1 [main].
I: netpbm-free [main] -> libnetpbm10_2:10.0-12.1ubuntu1 [main].
I: netpbm-free [main] -> libnetpbm10-dev_2:10.0-12.1ubuntu1 [main].
I: netpbm-free [main] -> libnetpbm9_2:10.0-12.1ubuntu1 [universe].
I: netpbm-free [main] -> libnetpbm9-dev_2:10.0-12.1ubuntu1 [universe].

Changed in netpbm-free (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.