-
Committer:
Bazaar Package Importer
-
Author(s):
Jonathan Riddell
-
Date:
2008-04-22 17:26:37 UTC
-
Revision ID:
james.westby@ubuntu.com-20080422172637-34htauao1c4g321z
Tags: 3.80.3-0ubuntu4.1
* SECURITY UPDATE: KHTML's PNG loader can be tricked into
overrunning a heap allocated memory buffer by loading a
specially encoded image. A remote site could cause a denial of
service and possibly execute arbitrary code in the context of
the user.
* Add patch kubuntu_07_khtml_png_loader_memory_overrun.diff from KDE
upstream, adds extra checks to khtml/imload/decoders/pngloader.cpp
* References
http://www.kde.org/info/security/advisory-20080426-1.txt
CVE-2008-1670