Debian
libpng package

libpng 1.2.35-1 source package in Debian

Changelog

libpng (1.2.35-1) unstable; urgency=high


  * New upstream release
    - http://secunia.com/advisories/33970/
      Fix a vulnerability reported by Tavis Ormandy in which
      some arrays of pointers are not initialized prior to using
      "malloc" to define the pointers.
      Closes: #516256
    - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5907
      The png_check_keyword function in pngwutil.c in libpng, might
      allow context-dependent attackers to set the value of an
      arbitrary memory location to zero via vectors involving
      creation of crafted PNG files with keywords, related to an
      implicit cast of the '\0' character constant to a NULL pointer.
  * Don't build libpng3 when binary-indep target is not called.
    Closes: #486415

 -- Anibal Monsalve Salazar <email address hidden>  Sat, 21 Feb 2009 15:50:52 +1100

Upload details

Uploaded by:
Anibal Monsalve Salazar
Uploaded to:
Sid
Original maintainer:
Anibal Monsalve Salazar
Architectures:
any
Section:
libs
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
libpng_1.2.35-1.dsc 1.1 KiB 4e14341176c33ac6785dc67db34c6d3665d44d84a7afbee5a9dd4db3b92cf1c6
libpng_1.2.35.orig.tar.gz 783.5 KiB 1da5c80096e8a014911e00fab4661c0f77ce523ae4d41308815f307ee709fc7f
libpng_1.2.35-1.diff.gz 14.5 KiB ce62062778b629e0f58f9b8922a21949a9be165d2125c1c8133c1b6510577d32

No changes file available.

Binary packages built by this source