Debian Package Tracker

From: Loic Minier <lool@dooz.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted gdk-pixbuf 0.22.0-8.1 (source i386)
Date: Sat, 03 Dec 2005 04:47:18 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 20 Nov 2005 19:53:41 +0100
Source: gdk-pixbuf
Binary: libgdk-pixbuf-gnome-dev libgdk-pixbuf-dev libgdk-pixbuf-gnome2 libgdk-pixbuf2
Architecture: source i386
Version: 0.22.0-8.1
Distribution: stable-security
Urgency: high
Maintainer: Ryan Murray <rmurray@debian.org>
Changed-By: Loic Minier <lool@dooz.org>
Description: 
 libgdk-pixbuf-dev - The GdkPixBuf library - development files
 libgdk-pixbuf-gnome-dev - The GNOME1 GdkPixBuf library - development files
 libgdk-pixbuf-gnome2 - The GNOME1 Canvas pixbuf library
 libgdk-pixbuf2 - The GdkPixBuf image library, gtk+ 1.2 version
Closes: 339458
Changes: 
 gdk-pixbuf (0.22.0-8.1) stable-security; urgency=high
 .
   * Non-maintainer upload targetted at stable-security.
   * SECURITY UPDATE: Arbitrary code execution and DoS. (Closes: #339458)
     - Add check to XPM reader to prevent integer overflow for specially
       crafted number of colors.
       [gdk-pixbuf/io-xpm.c] [CVE-2005-3186]
     - Fix endless loop with specially crafted number of colors.
       [gdk-pixbuf/io-xpm.c] [CVE-2005-2975]
     - Fixes integer overflow by allocating GdkPixbuf via gdk_pixbuf_new()
       instead of using malloc() and gdk_pixbuf_new_from_data().
       [gdk-pixbuf/io-xpm.c] [CVE-2005-2976]
Files: 
 7a800a91469430a28ab1900ebb92ba83 709 libs optional gdk-pixbuf_0.22.0-8.1.dsc
 4db0503b5a62533db68b03908b981751 519266 libs optional gdk-pixbuf_0.22.0.orig.tar.gz
 20d149f93e8093e4dbb365e9278ce741 372331 libs optional gdk-pixbuf_0.22.0-8.1.diff.gz
 0f6b383d15e21f02a9db0f3b58d31864 172140 oldlibs optional libgdk-pixbuf2_0.22.0-8.1_i386.deb
 3b6d8fc4ebc1314a35c307dd51ec1e1f 7354 oldlibs optional libgdk-pixbuf-gnome2_0.22.0-8.1_i386.deb
 0f2d4af07ce624a4fa3af2e0964e91a3 150416 oldlibs optional libgdk-pixbuf-dev_0.22.0-8.1_i386.deb
 4e0d60fa4cebefe5c434fbe2e5bf16e6 7860 oldlibs optional libgdk-pixbuf-gnome-dev_0.22.0-8.1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDgN9L4VUX8isJIMARAtU4AKC4XI2ohMnPHPG+gb/MxFn1jsoZGwCdEA4I
eWeqvOhpKLvRdWscvmnzvUM=
=w/sy
-----END PGP SIGNATURE-----


Accepted:
gdk-pixbuf_0.22.0-8.1.diff.gz
  to pool/main/g/gdk-pixbuf/gdk-pixbuf_0.22.0-8.1.diff.gz
gdk-pixbuf_0.22.0-8.1.dsc
  to pool/main/g/gdk-pixbuf/gdk-pixbuf_0.22.0-8.1.dsc
libgdk-pixbuf-dev_0.22.0-8.1_i386.deb
  to pool/main/g/gdk-pixbuf/libgdk-pixbuf-dev_0.22.0-8.1_i386.deb
libgdk-pixbuf-gnome-dev_0.22.0-8.1_i386.deb
  to pool/main/g/gdk-pixbuf/libgdk-pixbuf-gnome-dev_0.22.0-8.1_i386.deb
libgdk-pixbuf-gnome2_0.22.0-8.1_i386.deb
  to pool/main/g/gdk-pixbuf/libgdk-pixbuf-gnome2_0.22.0-8.1_i386.deb
libgdk-pixbuf2_0.22.0-8.1_i386.deb
  to pool/main/g/gdk-pixbuf/libgdk-pixbuf2_0.22.0-8.1_i386.deb
News for package gdk-pixbuf
