-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 6 Feb 2006 21:10:56 +0100 Source: netpbm-free Binary: libnetpbm10-dev netpbm libnetpbm9 libnetpbm9-dev libnetpbm10 Architecture: source i386 Version: 2:10.0-10.1 Distribution: unstable Urgency: high Maintainer: Andreas Barth <aba@not.so.argh.org> Changed-By: Florian Weimer <fw@deneb.enyo.de> Description: libnetpbm10 - Shared libraries for netpbm libnetpbm10-dev - Development libraries and header files libnetpbm9 - Shared libraries for netpbm libnetpbm9-dev - Development libraries and header files netpbm - Graphics conversion tools Closes: 351639 Changes: netpbm-free (2:10.0-10.1) unstable; urgency=high . * Non-maintainer upload * Patch from Martin Pitt <martin.pitt@ubuntu.com>. Closes: #351639. * SECURITY UPDATE: Arbitrary code execution with crafted images. * pnm/pnmtopng.c: - Increase size of alphas_first_index and alphas_of_color_cnt arrays to fix off-by-one buffer overflow when using -alpha with an image with exactly 256 colors. - CVE-2005-3662 * pnm/pnmtopng.c: - Fix buffer overflow on overly long text lines. - CVE-2005-3632 Files: bd3ac95f282b50b5f274c482988ab5fa 1035 graphics optional netpbm-free_10.0-10.1.dsc 37d810b59cb2427a984c72edf853089d 47055 graphics optional netpbm-free_10.0-10.1.diff.gz 6ee5aa25456b15a123f4b689506ec9d3 1227082 graphics optional netpbm_10.0-10.1_i386.deb 340062ee8c1867be3c8b1f4c34477a04 63948 libs optional libnetpbm10_10.0-10.1_i386.deb 62b3d05e12646de3d8a1645d03977238 109920 libdevel optional libnetpbm10-dev_10.0-10.1_i386.deb 1695995e96d2b9c871fb5b8b8c7e40b1 70064 libs optional libnetpbm9_10.0-10.1_i386.deb 74f28b0f668b0f09dbb6ba8499f8554b 109836 libdevel optional libnetpbm9-dev_10.0-10.1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iQEVAwUBQ+ewBr97/wQC1SS+AQIQKQf9FHf3D4dwYe2jE6BKN/wTMZdhmg4iKYZ6 t4FhdTZw4ZIrNI/mucDiJf7ITM/iFfh19/W3rYAECpgycYP9nz2DZzyMGR2emKwW oESvCgsAgDYvOuxbenZgVVxUzq2CNYAjn/AgnxyHrQ+Ard9JEOvhtweVWI9359Pd tLHBjC4Aw/6FsPmXi5lUvJunSAH5PRnFxfNpAAAhYHZzZVbIAjF0SCfMh7r+8WWW WyLzOy8Ld1a/+O8ZsgoKPfeQ9TJulUT9qCW1MA7qXcaOWnUgJhQROcI33U1im6Ug SebApVOMxWxs5i0iYx0a58WJAey22bpVY99zUdzG+s1ZhYADjpk/LA== =033s -----END PGP SIGNATURE----- Accepted: libnetpbm10-dev_10.0-10.1_i386.deb to pool/main/n/netpbm-free/libnetpbm10-dev_10.0-10.1_i386.deb libnetpbm10_10.0-10.1_i386.deb to pool/main/n/netpbm-free/libnetpbm10_10.0-10.1_i386.deb libnetpbm9-dev_10.0-10.1_i386.deb to pool/main/n/netpbm-free/libnetpbm9-dev_10.0-10.1_i386.deb libnetpbm9_10.0-10.1_i386.deb to pool/main/n/netpbm-free/libnetpbm9_10.0-10.1_i386.deb netpbm-free_10.0-10.1.diff.gz to pool/main/n/netpbm-free/netpbm-free_10.0-10.1.diff.gz netpbm-free_10.0-10.1.dsc to pool/main/n/netpbm-free/netpbm-free_10.0-10.1.dsc netpbm_10.0-10.1_i386.deb to pool/main/n/netpbm-free/netpbm_10.0-10.1_i386.deb