-
libpng (1.2.54-6ubuntu1) yakkety; urgency=medium
* Merge with Debian; remaining changes:
- debian/patches/CVE-2015-8472.patch: check lengths in pngrutil.c,
properly use info_ptr in pngset.c.
- CVE-2015-8472
- debian/patches/CVE-2015-8540.patch: check key_len in pngwutil.c.
- CVE-2015-8540
libpng (1.2.54-6) unstable; urgency=high
* Team upload.
* Stop providing libpng3 together with libpng3-dev too
(Closes: #789815)
- thanks Laurent Bigonville for the heads up!
libpng (1.2.54-5) unstable; urgency=medium
* Team upload.
* Stop providing libpng-dev and libpng3 (Closes: #789815, #820836)
- thanks to Laurent Bigonville and Jean-Michel Vourgère for the
bug reports!
libpng (1.2.54-4) unstable; urgency=medium
[ Marco d'Itri ]
* Drop spurious library link. (Closes: #766809)
libpng (1.2.54-3) unstable; urgency=medium
* Revert the changes in 1.2.54-2.
Closes: #814971.
* debhelper compat is 9.
libpng (1.2.54-2) unstable; urgency=medium
[ Marco d'Itri ]
* Drop spurious library link (Closes: #766809)
-- Matthias Klose <email address hidden> Sat, 23 Apr 2016 03:37:22 +0200
-
libpng (1.2.54-1ubuntu2) yakkety; urgency=medium
* No-change rebuild for libpng soname change.
-- Matthias Klose <email address hidden> Fri, 22 Apr 2016 23:51:01 +0000
-
libpng (1.2.54-1ubuntu1) xenial; urgency=medium
* SECURITY UPDATE: overflows in png_handle_zTXt(), png_handle_sPLT(),
png_handle_pCAL(), and png_set_PLTE()
- debian/patches/CVE-2015-8472.patch: check lengths in pngrutil.c,
properly use info_ptr in pngset.c.
- CVE-2015-8472
* SECURITY UPDATE: out-of-range read in png_check_keyword()
- debian/patches/CVE-2015-8540.patch: check key_len in pngwutil.c.
- CVE-2015-8540
-- Marc Deslauriers <email address hidden> Wed, 06 Jan 2016 12:39:08 -0500