-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 16 Jul 2011 05:13:23 +0900 Source: libpng Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb Architecture: source amd64 all Version: 1.2.27-2+lenny5 Distribution: oldstable-security Urgency: low Maintainer: Anibal Monsalve Salazar <anibal@debian.org> Changed-By: Nobuhiro Iwamatsu <iwamatsu@debian.org> Description: libpng12-0 - PNG library - runtime libpng12-0-udeb - PNG library - minimal runtime library (udeb) libpng12-dev - PNG library - development libpng3 - PNG library - runtime Closes: 632786 633871 633871 633871 Changes: libpng (1.2.27-2+lenny5) oldstable-security; urgency=low . * Apply upstream patch to 1-byte uninitialized memory reference in png_format_buffer(). (Closes: #632786, CVE-2011-2501) * Apply upstream patch to buffer overwrite in png_rgb_to_gray. (Closes: #633871, CVE-2011-2690) * Apply upstream patch to crash in png_default_error due to use of NULL Pointer. (Closes: #633871, CVE-2011-2691) * Apply upstream patch to memory corruption when handling empty sCAL chunks. (Closes: #633871, CVE-2011-2692) Checksums-Sha1: 430c52a9dbe16b6434eeda456e6c4375e7076733 1493 libpng_1.2.27-2+lenny5.dsc 257ea6d2c8b6bf0a2793dc24b885357b8e76a4bf 783204 libpng_1.2.27.orig.tar.gz 352a3b339266ef304253fb1013c75659f2b38eb0 23518 libpng_1.2.27-2+lenny5.diff.gz 3fac27249ab4bdd7811eaf7916172c2132b37ff3 168282 libpng12-0_1.2.27-2+lenny5_amd64.deb 7f191dcfdd5d88495ea5f664917aa4461d24760a 255004 libpng12-dev_1.2.27-2+lenny5_amd64.deb 6b1e9526e677bf5c38591ce8b94e49176b6ef7ac 888 libpng3_1.2.27-2+lenny5_all.deb e176ff49570cef6fbb823d775a3c2d49fc3c4fa5 72052 libpng12-0-udeb_1.2.27-2+lenny5_amd64.udeb Checksums-Sha256: 38ef5eb467b631759763d1e2908d38743b8bbe58794a69e7205b4b3e472bca98 1493 libpng_1.2.27-2+lenny5.dsc 319b955bde2ec207fb8db338bfc092fbf35765096e6db6d17f7f3b3bff03e25f 783204 libpng_1.2.27.orig.tar.gz bada591d6cdb1f21927a691028c766de96ff53c375805e3c30fc5416760a19f9 23518 libpng_1.2.27-2+lenny5.diff.gz b92ade2ac9289f51057f033ec5c36bd5d9a624cc75e8d3bd6cf17b289e5d32d1 168282 libpng12-0_1.2.27-2+lenny5_amd64.deb 5cd98acfa887318b6de000f852fadc40e1534edff0285c9f63a64ee259871113 255004 libpng12-dev_1.2.27-2+lenny5_amd64.deb 4faab1d069b0eec5989651b3a195f96bb81890ee29ba0e3b435af9c98ece8856 888 libpng3_1.2.27-2+lenny5_all.deb 01cb75085e64b41cea77743dfd794561d5a78dbb126d88f22e941bff78d36e94 72052 libpng12-0-udeb_1.2.27-2+lenny5_amd64.udeb Files: 259406d3e24f2b7f8eaf6ae026122bb3 1493 libs optional libpng_1.2.27-2+lenny5.dsc 13a0de401db1972a8e68f47d5bdadd13 783204 libs optional libpng_1.2.27.orig.tar.gz 86a88237814d83cdab083c308be3fa26 23518 libs optional libpng_1.2.27-2+lenny5.diff.gz 3124700c460e0f4ad358338b2f1aece5 168282 libs optional libpng12-0_1.2.27-2+lenny5_amd64.deb b694fc0c8de8dcdee75e05c023358ce1 255004 libdevel optional libpng12-dev_1.2.27-2+lenny5_amd64.deb 8ff5e96fe2c4c24a250fca0534b11079 888 oldlibs optional libpng3_1.2.27-2+lenny5_all.deb 1236278c707b86b4dfa71f2854f18749 72052 debian-installer extra libpng12-0-udeb_1.2.27-2+lenny5_amd64.udeb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJO+h9WAAoJEOxfUAG2iX57j9wH/AqwBb9rM/uRq9+6NI5ydCxG +ILVzRzQIzw61Ox93MB6vp9kJBdw65J2LzyU5DICQVEJLGTxHElck0yRt+Pf9JpU tMOlzCK6Vzu1kgkRbTsNbReUcmkYmOhxRsujqy2dQqspbJM/RVgBxFpNDHxCta6s KsnyTGVo3Hfin2UA0+TMlAp9kjxLAzVL6Ln/qzbXszn8sM+7n12MdRis01vyF901 +reyi+DIl5OVj43k6ozcLCYjhPCRQxopKE5vZtGvvoVzUOWuqZJFEu7jLVtKGp4A qDAt2MfiWzvWqWgZ6OoOiym7nJIwBkVPAxw/9/sXHLTtzUDshrFJ0zYJMrkTuZY= =jR5u -----END PGP SIGNATURE----- Accepted: libpng12-0-udeb_1.2.27-2+lenny5_amd64.udeb to main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny5_amd64.udeb libpng12-0_1.2.27-2+lenny5_amd64.deb to main/libp/libpng/libpng12-0_1.2.27-2+lenny5_amd64.deb libpng12-dev_1.2.27-2+lenny5_amd64.deb to main/libp/libpng/libpng12-dev_1.2.27-2+lenny5_amd64.deb libpng3_1.2.27-2+lenny5_all.deb to main/libp/libpng/libpng3_1.2.27-2+lenny5_all.deb libpng_1.2.27-2+lenny5.diff.gz to main/libp/libpng/libpng_1.2.27-2+lenny5.diff.gz libpng_1.2.27-2+lenny5.dsc to main/libp/libpng/libpng_1.2.27-2+lenny5.dsc