Change logs for libxpm source package in Bionic
-
libxpm (1:3.5.12-1ubuntu0.18.04.2) bionic-security; urgency=medium * SECURITY UPDATE: CPU-consuming loop on width of 0 - debian/patches/CVE-2022-44617-1.patch: add extra checks to src/data.c, src/parse.c. - debian/patches/CVE-2022-44617-2.patch: prevent a double free in the error code path in src/create.c. - CVE-2022-44617 * SECURITY UPDATE: Infinite loop on unclosed comments - debian/patches/CVE-2022-46285.patch: handle unclosed comments in src/data.c. - CVE-2022-46285 * SECURITY UPDATE: compression commands depend on $PATH - debian/patches/CVE-2022-4883.patch: don't rely on $PATH to find the commands in src/RdFToI.c, src/WrFFrI.c. - CVE-2022-4883 -- Marc Deslauriers <email address hidden> Mon, 16 Jan 2023 12:58:21 -0500 -
libxpm (1:3.5.12-1) unstable; urgency=medium [ Andreas Boll ] * New upstream release. * Let uscan verify tarball signatures. * Improve package description (Closes: #646992). Thanks, Justin B Rye! * Switch URLs to https. * Remove obsolete xsfbs. * Add placeholder comment into series file. * Bump debhelper compat to 10. - Drop build-deps on dh-autoreconf, automake and libtool. * Stop passing --disable-silent-rules to configure, debhelper does that for a while. * Drop no longer needed dpkg-dev versioned build-dependency. [ Emilio Pozuelo Monfort ] * Switch to -dbgsym packages. -- Emilio Pozuelo Monfort <email address hidden> Thu, 22 Dec 2016 17:17:47 +0100
