Comment 4 for bug 324258

This bug was fixed in the package libpng - 1.2.27-2ubuntu2

---------------
libpng (1.2.27-2ubuntu2) jaunty; urgency=low

  * SECURITY UPDATE: denial of service and possible execution of arbitrary
    code via crafted image (LP: #338027)
    - debian/patches/02-CVE-2009-0040.diff: initialize pointers in pngread.c,
      pngrtans.c, pngset.c and example.c
    - CVE-2009-0040
  * SECURITY UPDATE: denial of service via incorrect memory assignment
    (LP: #324258)
    - debian/patches/02-CVE-2008-5907.diff: update pngwutil.c to properly set
      new_key to NULL string
    - CVE-2008-5907

 -- Jamie Strandboge <email address hidden> Thu, 05 Mar 2009 14:15:45 -0600