-
libpng (1.2.54-1ubuntu1.1) xenial-security; urgency=medium
* SECURITY UPDATE: Null pointer dereference
- debian/patches/CVE-2016-10087.patch: fix in png.c.
- CVE-2016-10087
-- <email address hidden> (Leonidas S. Barbosa) Tue, 10 Jul 2018 16:59:38 -0300
-
libpng (1.2.54-1ubuntu1) xenial; urgency=medium
* SECURITY UPDATE: overflows in png_handle_zTXt(), png_handle_sPLT(),
png_handle_pCAL(), and png_set_PLTE()
- debian/patches/CVE-2015-8472.patch: check lengths in pngrutil.c,
properly use info_ptr in pngset.c.
- CVE-2015-8472
* SECURITY UPDATE: out-of-range read in png_check_keyword()
- debian/patches/CVE-2015-8540.patch: check key_len in pngwutil.c.
- CVE-2015-8540
-- Marc Deslauriers <email address hidden> Wed, 06 Jan 2016 12:39:08 -0500
-
libpng (1.2.54-1) unstable; urgency=medium
* New upstream release. (Closes: #803078, #805113)
* Remove patches/02-required-space.patch.
Already applied in upstream.
* Bumped standards version to 3.9.6.
-- Nobuhiro Iwamatsu <email address hidden> Wed, 18 Nov 2015 11:00:42 +0900
-
libpng (1.2.51-0ubuntu3) utopic; urgency=medium
* No-change rebuild to get debug symbols on all architectures.
-- Brian Murray <email address hidden> Tue, 21 Oct 2014 11:29:36 -0700