[ubuntu/jaunty] lcms 1.17.dfsg-1ubuntu2 (Accepted)

Fri, 27 Mar 2009 07:35:26 -0700 

lcms (1.17.dfsg-1ubuntu2) jaunty; urgency=low

  * SECURITY UPDATE: Denial of service via large memory leak
    - debian/patches/11_security_CVE-2009-0581_0723_0733.dpatch: properly
      free memory in src/cmsio1.c.
    - CVE-2009-0581
  * SECURITY UPDATE: Arbitrary code execution due to integer overflows
    - debian/patches/11_security_CVE-2009-0581_0723_0733.dpatch: add new
      calloc function in include/lcms.h and fix overflows in src/cmsgamma.c,
      src/cmsio0.c, src/cmsio1.c and src/cmslut.c.
    - CVE-2009-0723
  * SECURITY UPDATE: Arbitrary code execution due to buffer overflow
    - debian/patches/11_security_CVE-2009-0581_0723_0733.dpatch: add
      _cmsValidateLUT() and use in src/cmsio1.c and src/cmslut.c.
    - CVE-2009-0733

Date: Fri, 20 Mar 2009 15:04:07 -0400
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Ubuntu Core Developers <[email protected]>
Signed-By: Jamie Strandboge <[email protected]>
https://launchpad.net/ubuntu/jaunty/+source/lcms/1.17.dfsg-1ubuntu2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 20 Mar 2009 15:04:07 -0400
Source: lcms
Binary: liblcms1 liblcms-utils liblcms1-dev python-liblcms
Architecture: source
Version: 1.17.dfsg-1ubuntu2
Distribution: jaunty
Urgency: low
Maintainer: Ubuntu Core Developers <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description: 
 liblcms-utils - Color management library (Additional utilities)
 liblcms1   - Color management library
 liblcms1-dev - Color management library (Development headers)
 python-liblcms - Python bindings for liblcms color management library
Changes: 
 lcms (1.17.dfsg-1ubuntu2) jaunty; urgency=low
 .
   * SECURITY UPDATE: Denial of service via large memory leak
     - debian/patches/11_security_CVE-2009-0581_0723_0733.dpatch: properly
       free memory in src/cmsio1.c.
     - CVE-2009-0581
   * SECURITY UPDATE: Arbitrary code execution due to integer overflows
     - debian/patches/11_security_CVE-2009-0581_0723_0733.dpatch: add new
       calloc function in include/lcms.h and fix overflows in src/cmsgamma.c,
       src/cmsio0.c, src/cmsio1.c and src/cmslut.c.
     - CVE-2009-0723
   * SECURITY UPDATE: Arbitrary code execution due to buffer overflow
     - debian/patches/11_security_CVE-2009-0581_0723_0733.dpatch: add
       _cmsValidateLUT() and use in src/cmsio1.c and src/cmslut.c.
     - CVE-2009-0733
Checksums-Sha1: 
 a457443126a49cc0b2f4e3f67c854eac7d6885b9 1383 lcms_1.17.dfsg-1ubuntu2.dsc
 2db4269baa9a6f3a4fb837417ccaa192bdba5f0a 12019 lcms_1.17.dfsg-1ubuntu2.diff.gz
Checksums-Sha256: 
 8d2ed1881d2b74760b145785f4dab7e16118b5f3d9cc7ca58dd8a3e28c06ec04 1383 
lcms_1.17.dfsg-1ubuntu2.dsc
 39c540275f3b21beec7075e738ecc2b35a43d970b937ebf29c2824535930e048 12019 
lcms_1.17.dfsg-1ubuntu2.diff.gz
Files: 
 d7ca7b546a62292479f8fe1c2936dde2 1383 libs optional lcms_1.17.dfsg-1ubuntu2.dsc
 90996467ebb7c2c16b8ff42e1da32492 12019 libs optional 
lcms_1.17.dfsg-1ubuntu2.diff.gz
Original-Maintainer: Oleksandr Moskalenko <[email protected]>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAknM4poACgkQW0JvuRdL8BpCZACeLkctd96jxODY+120KKUZOiPB
UBkAoJJQJkLdEGMhZiU1lB7IlLQtnBWC
=ilFZ
-----END PGP SIGNATURE-----

-- 
Jaunty-changes mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/jaunty-changes

Reply via email to