Comment 26 for bug 11113

Message-Id: <email address hidden>
Date: Thu, 06 Jan 2005 17:02:07 -0500
From: Joey Hess <email address hidden>
To: <email address hidden>
Cc: Joey Hess <email address hidden>, <email address hidden> (Laurence J. Lane)
Subject: Fixed in NMU of imlib2 1.1.2-2.1

tag 284925 + fixed

quit

This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 6 Jan 2005 16:29:53 -0500
Source: imlib2
Binary: libimlib2 libimlib2-dev
Architecture: source i386
Version: 1.1.2-2.1
Distribution: unstable
Urgency: high
Maintainer: Laurence J. Lane <email address hidden>
Changed-By: Joey Hess <email address hidden>
Description:
 libimlib2 - powerful image loading and rendering library
 libimlib2-dev - Imlib2 development files
Closes: 284925
Changes:
 imlib2 (1.1.2-2.1) unstable; urgency=HIGH
 .
   * NMU with the following changes taken from the Ubuntu patch by Martin Pitt
     Closes: #284925
   * SECURITY UPDATE: fix several buffer overflows
   * loaders/loader_bmp.c: check for negative image width/height
   * loaders/loader_xpm.c:
     - check for negative image attributes
     - check the length of the "col" buffer to avoid overflowing it
     - patch taken from upstream CVS
   * References:
     CAN-2004-1025
     CAN-2004-1026
Files:
 4e044b53efef6571d6754f660b04e1be 730 libs optional imlib2_1.1.2-2.1.dsc
 f7544bcfd3e37b180cb664b4bc2a193e 81653 libs optional imlib2_1.1.2-2.1.diff.gz
 e8042c1cc46f7ffd464d65e6287c31e4 188690 libs optional libimlib2_1.1.2-2.1_i386.deb
 ccccd58406e6dbdce73724d5b9ff03e2 605216 libdevel optional libimlib2-dev_1.1.2-2.1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFB3bIe2tp5zXiKP0wRAsLGAKDAQ21pewzIoMo0cT/CqVduBdQHVACgyqEg
yWkZ3yo0hIubBkIahMZjHQs=
=uH3I
-----END PGP SIGNATURE-----