Message-Id: <email address hidden> Date: Thu, 06 Jan 2005 17:02:07 -0500 From: Joey Hess <email address hidden> To: <email address hidden> Cc: Joey Hess <email address hidden>, <email address hidden> (Laurence J. Lane) Subject: Fixed in NMU of imlib2 1.1.2-2.1
tag 284925 + fixed
quit
This message was generated automatically in response to a non-maintainer upload. The .changes file follows.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Format: 1.7 Date: Thu, 6 Jan 2005 16:29:53 -0500 Source: imlib2 Binary: libimlib2 libimlib2-dev Architecture: source i386 Version: 1.1.2-2.1 Distribution: unstable Urgency: high Maintainer: Laurence J. Lane <email address hidden> Changed-By: Joey Hess <email address hidden> Description: libimlib2 - powerful image loading and rendering library libimlib2-dev - Imlib2 development files Closes: 284925 Changes: imlib2 (1.1.2-2.1) unstable; urgency=HIGH . * NMU with the following changes taken from the Ubuntu patch by Martin Pitt Closes: #284925 * SECURITY UPDATE: fix several buffer overflows * loaders/loader_bmp.c: check for negative image width/height * loaders/loader_xpm.c: - check for negative image attributes - check the length of the "col" buffer to avoid overflowing it - patch taken from upstream CVS * References: CAN-2004-1025 CAN-2004-1026 Files: 4e044b53efef6571d6754f660b04e1be 730 libs optional imlib2_1.1.2-2.1.dsc f7544bcfd3e37b180cb664b4bc2a193e 81653 libs optional imlib2_1.1.2-2.1.diff.gz e8042c1cc46f7ffd464d65e6287c31e4 188690 libs optional libimlib2_1.1.2-2.1_i386.deb ccccd58406e6dbdce73724d5b9ff03e2 605216 libdevel optional libimlib2-dev_1.1.2-2.1_i386.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFB3bIe2tp5zXiKP0wRAsLGAKDAQ21pewzIoMo0cT/CqVduBdQHVACgyqEg yWkZ3yo0hIubBkIahMZjHQs= =uH3I -----END PGP SIGNATURE-----
Message-Id: <email address hidden>
Date: Thu, 06 Jan 2005 17:02:07 -0500
From: Joey Hess <email address hidden>
To: <email address hidden>
Cc: Joey Hess <email address hidden>, <email address hidden> (Laurence J. Lane)
Subject: Fixed in NMU of imlib2 1.1.2-2.1
tag 284925 + fixed
quit
This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7 loader_ bmp.c: check for negative image width/height loader_ xpm.c: 71d6754f660b04e 1be 730 libs optional imlib2_ 1.1.2-2. 1.dsc 180cb664b4bc2a1 93e 81653 libs optional imlib2_ 1.1.2-2. 1.diff. gz fd464d65e6287c3 1e4 188690 libs optional libimlib2_ 1.1.2-2. 1_i386. deb dce73724d5b9ff0 3e2 605216 libdevel optional libimlib2- dev_1.1. 2-2.1_i386. deb
Date: Thu, 6 Jan 2005 16:29:53 -0500
Source: imlib2
Binary: libimlib2 libimlib2-dev
Architecture: source i386
Version: 1.1.2-2.1
Distribution: unstable
Urgency: high
Maintainer: Laurence J. Lane <email address hidden>
Changed-By: Joey Hess <email address hidden>
Description:
libimlib2 - powerful image loading and rendering library
libimlib2-dev - Imlib2 development files
Closes: 284925
Changes:
imlib2 (1.1.2-2.1) unstable; urgency=HIGH
.
* NMU with the following changes taken from the Ubuntu patch by Martin Pitt
Closes: #284925
* SECURITY UPDATE: fix several buffer overflows
* loaders/
* loaders/
- check for negative image attributes
- check the length of the "col" buffer to avoid overflowing it
- patch taken from upstream CVS
* References:
CAN-2004-1025
CAN-2004-1026
Files:
4e044b53efef65
f7544bcfd3e37b
e8042c1cc46f7f
ccccd58406e6db
-----BEGIN PGP SIGNATURE-----
5zXiKP0wRAsLGAK DAQ21pewzIoMo0c T/CqVduBdQHVACg yqEg ahMZjHQs=
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFB3bIe2tp
yWkZ3yo0hIubBkI
=uH3I
-----END PGP SIGNATURE-----