-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 07 Jan 2016 20:07:15 +0100 Source: libpng Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb Architecture: source amd64 Version: 1.2.49-1+deb7u2 Distribution: wheezy-security Urgency: high Maintainer: Anibal Monsalve Salazar <anibal@debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: libpng12-0 - PNG library - runtime libpng12-0-udeb - PNG library - minimal runtime library (udeb) libpng12-dev - PNG library - development libpng3 - PNG library - runtime Closes: 807112 807694 Changes: libpng (1.2.49-1+deb7u2) wheezy-security; urgency=high . * Non-maintainer upload by the Security Team. * Add patches to address CVE-2015-8472. CVE-2015-8472: Incomplete fix for callers on png_set_PLTE. (Closes: #807112) * Add CVE-2015-8540.patch patch. CVE-2015-8540: underflow read in png_check_keyword(). (Closes: #807694) Checksums-Sha1: 4e9810cb55eabab54614004e37da1a320670ddb0 1987 libpng_1.2.49-1+deb7u2.dsc 7afa432b0f15dc820aa41f53050adaa2a69ccfa5 19640 libpng_1.2.49-1+deb7u2.debian.tar.bz2 e6d6b5dae34a2be8d3237d828e07c331aa738fba 190704 libpng12-0_1.2.49-1+deb7u2_amd64.deb 8fbd2103d193915cc663e6b37ac533a63229925d 267422 libpng12-dev_1.2.49-1+deb7u2_amd64.deb 8ebdc9aa738decc300bc19436ce954952fe314a0 954 libpng3_1.2.49-1+deb7u2_amd64.deb c486a3e497c3250284d8c2b8f1502416e1e9f76d 64032 libpng12-0-udeb_1.2.49-1+deb7u2_amd64.udeb Checksums-Sha256: 9386a11848d1913d4e091e29d069693ba0a232b85d2fb32112d3b0c000a09f5d 1987 libpng_1.2.49-1+deb7u2.dsc 76b2cf0247a62cb41eabc1a5ba4b6599ad73c56654700040bf23e7c6d8c627a7 19640 libpng_1.2.49-1+deb7u2.debian.tar.bz2 a2095d2fa94c890a507d7f3824f7d499b93722cf636fcd037db3ae59c46c8b5d 190704 libpng12-0_1.2.49-1+deb7u2_amd64.deb 599991eae3a8bf8623222ca0775a6c114c5a404254f4ebf5e91b3891fb0be848 267422 libpng12-dev_1.2.49-1+deb7u2_amd64.deb 6b7c0f865fea2de4d9ad862add64d77bc28a7f4f73ddcb68f4c3b011a13768de 954 libpng3_1.2.49-1+deb7u2_amd64.deb 6b0f0410a328c04a7b65a4294f7192fb71e20b4895bbed93c60951b574df6a7e 64032 libpng12-0-udeb_1.2.49-1+deb7u2_amd64.udeb Files: 78fe01e240f292cf992c134fb3c6de62 1987 libs optional libpng_1.2.49-1+deb7u2.dsc 94fae174e9a922613ec9818faa60f526 19640 libs optional libpng_1.2.49-1+deb7u2.debian.tar.bz2 326043809e1278bc4f57dd65a6465bbc 190704 libs optional libpng12-0_1.2.49-1+deb7u2_amd64.deb ab27dcc1957c6088d6d0b4821f27e120 267422 libdevel optional libpng12-dev_1.2.49-1+deb7u2_amd64.deb 39cd19b67fdc0eb762c98c03d75ccb26 954 oldlibs optional libpng3_1.2.49-1+deb7u2_amd64.deb 1687a6aa04cbc51d836e2496dc54240b 64032 debian-installer extra libpng12-0-udeb_1.2.49-1+deb7u2_amd64.udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWjr5rAAoJEAVMuPMTQ89EugYP/R5pP/bzRB2BDGcnLI4lM8p5 mYixFrtwsKedeqtyh5f6VogpZuDPQB97qCDz1hu4YQJulGZEOi3090aeE4aTODJI LeqalqxOtA4kspWGuyDGb8w0B9qIiozcsG2YEnY3v89mDCcJ7JuCB8ZTNyyHxEcZ YCj1oR3PxPe/A9WPHIEs6m05TwLQ11W2Ns8MZCBvkTxXLD+mz2wjmlFUdP7GPOQm UGqG1/kmMApeBfFmu030Nxw/4HO2GC63fbCawg1y2KlmkMdndCCkY1Z+w85yBl1w 2U9JGtRlHQTao9PlfIIx6WvUdlg2mSoj8dxBIg7rWDkI6Uukz3ZBGLSpX09o2JM2 iJzf8iqksWuRmBSi2GmKONN3BJGK6Slx/PurdSB9WjN5keUKa4g5tmhkk1VGAtWg pLu7f+wFp1wbA+vnd0dBa1JOsCmpwRwizRSBgjg/0S3NFa5oUnB7LEy8PuqyewxD FlyUULOP8kRcEQaAudDfLfZiP+K07P3Hg4ihM0dqvWLsMLSfnbL0pD8R6WEDPlfG Wp1nbAXpBcyOm2isZwixeayjmHwP3RyuOkZKI/tFEf776xjGBQD0aL61wKiEXSmG GJzGdQ6ciBtkDU/FOU8uZ5r/Ouu/1fpKFYcLwHlBSZ+3WU1izXbMg2OhwOiSUryf rcyd/77PzH3NQDY7gdhC =fdYD -----END PGP SIGNATURE-----
