-
Committer:
Bazaar Package Importer
-
Author(s):
Jamie Strandboge
-
Date:
2009-03-05 14:15:45 UTC
-
Revision ID:
james.westby@ubuntu.com-20090305141545-w9ivs36r7zug3h9u
Tags: 1.2.27-2ubuntu2
* SECURITY UPDATE: denial of service and possible execution of arbitrary
code via crafted image (LP: #338027)
- debian/patches/02-CVE-2009-0040.diff: initialize pointers in pngread.c,
pngrtans.c, pngset.c and example.c
- CVE-2009-0040
* SECURITY UPDATE: denial of service via incorrect memory assignment
(LP: #324258)
- debian/patches/02-CVE-2008-5907.diff: update pngwutil.c to properly set
new_key to NULL string
- CVE-2008-5907