-
gdk-pixbuf (2.40.0+dfsg-3ubuntu0.4) focal-security; urgency=medium
* SECURITY UPDATE: Heap-Buffer-Overflow
- debian/patches/CVE-2021-44648-1.patch: Add an assertion that checks for maximum LZW code size
in gdk-pixbuf/lzw.c.
- debian/patches/CVE-2021-44648-2.patch: Fix the check for maximum value
of LZW initial code size in gdk-pixbuf/io-gif.c.
- debian/patches/CVE-2021-44648-3.patch: Add tests for GIF files with
invalid LZW code size in tests/tests-images/fail/* and
tests/tests-images/gif-test-suite/*.
- debian/source/include-binaries: add tests binaries to the package
- CVE-2021-44648
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 07 Sep 2022 12:05:42 -0300
-
gdk-pixbuf (2.40.0+dfsg-3ubuntu0.3) focal-security; urgency=medium
* SECURITY UPDATE: Buffer overwrite in io-gif-animation.c
composite_frame() (LP: #1982898)
- debian/patches/CVE-2021-46829.patch: gif: Check for overflow
when compositing or clearing frames.
- CVE-2021-46829
-- Joshua Peisach <email address hidden> Tue, 26 Jul 2022 20:42:00 -0400
-
gdk-pixbuf (2.40.0+dfsg-3ubuntu0.2) focal-security; urgency=medium
* SECURITY UPDATE: integer underflow in GIF loader
- debian/patches/CVE-2021-20240.patch: check for overflow in
gdk-pixbuf/io-gif-animation.c.
- CVE-2021-20240
-- Marc Deslauriers <email address hidden> Thu, 18 Feb 2021 09:41:16 -0500
-
gdk-pixbuf (2.40.0+dfsg-3ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: infinite loop in write_indexes
- debian/patches/CVE-2020-29385.patch: fix LZW decoder accepting
invalid LZW code in gdk-pixbuf/lzw.c.
- CVE-2020-29385
-- Marc Deslauriers <email address hidden> Tue, 08 Dec 2020 08:32:30 -0500
-
gdk-pixbuf (2.40.0+dfsg-3) unstable; urgency=medium
* debian/rules: Make the tests non-fatal on kfreebsd-amd64
-- Laurent Bigonville <email address hidden> Sun, 08 Mar 2020 18:35:39 +0100
-
gdk-pixbuf (2.40.0+dfsg-2) unstable; urgency=medium
* Team upload
* d/tests/build: Mark as superficial
* d/tests/build: Make autopkgtest cross-test-friendly.
Use an appropriate cross-compiler and cross-pkg-config when using
proposed autopkgtest cross-testing support.
Thanks to Steve Langasek. (Closes: #946374)
* d/tests/build: Fail on references to unset variables
* d/tests/build: Fix shellcheck warnings
* Bump Standards-Version to 4.4.1
-- Simon McVittie <email address hidden> Thu, 26 Dec 2019 16:33:27 +0000
-
gdk-pixbuf (2.40.0+dfsg-1ubuntu1) focal; urgency=medium
* Make autopkgtests cross-test-friendly.
-- Steve Langasek <email address hidden> Sat, 07 Dec 2019 16:54:54 -0800
-
gdk-pixbuf (2.40.0+dfsg-1build1) eoan; urgency=medium
* No-change rebuild to avoid ABI dependency on now-removed glib2.0
-- Adam Conrad <email address hidden> Mon, 14 Oct 2019 02:14:10 -0600