-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2009-03-20 15:04:07 UTC
-
Revision ID:
james.westby@ubuntu.com-20090320150407-kvvd1vdc14a6c252
Tags: 1.17.dfsg-1ubuntu2
* SECURITY UPDATE: Denial of service via large memory leak
- debian/patches/11_security_CVE-2009-0581_0723_0733.dpatch: properly
free memory in src/cmsio1.c.
- CVE-2009-0581
* SECURITY UPDATE: Arbitrary code execution due to integer overflows
- debian/patches/11_security_CVE-2009-0581_0723_0733.dpatch: add new
calloc function in include/lcms.h and fix overflows in src/cmsgamma.c,
src/cmsio0.c, src/cmsio1.c and src/cmslut.c.
- CVE-2009-0723
* SECURITY UPDATE: Arbitrary code execution due to buffer overflow
- debian/patches/11_security_CVE-2009-0581_0723_0733.dpatch: add
_cmsValidateLUT() and use in src/cmsio1.c and src/cmslut.c.
- CVE-2009-0733