-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2010-01-04 14:12:52 UTC
-
Revision ID:
james.westby@ubuntu.com-20100104141252-dw04p7rl0001qq42
Tags: 2.6.1-1ubuntu3.1
* SECURITY UPDATE: arbitrary code execution via crafted BMP file
- debian/patches/04_security_CVE-2009-1570.patch: validate bit depths,
width and height in plug-ins/file-bmp/bmp-read.c.
- CVE-2009-1570
* SECURITY UPDATE: arbitrary code execution via crafted PSD file
- debian/patches/05_security_CVE-2009-3909.patch: protect against
integer overflows in plug-ins/file-psd/{psd.h,psd-load.c}.
- CVE-2009-3909