-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2010-03-15 11:11:53 UTC
-
Revision ID:
james.westby@ubuntu.com-20100315111153-49jk09bjkbzwh0yl
Tags: 1.2.8rel-5ubuntu0.5
* SECURITY UPDATE: denial of service via decompression bomb (LP: #533140)
- pngrutil.c: use new two-pass decompression method backported from
1.2.43
- CVE-2010-0205
* SECURITY UPDATE: information disclosure via 1-bit interlaced images
- pngrutil.c: initialize memory if interlaced
- CVE-2009-2042