[ubuntu/karmic-security] gimp_2.6.7-1ubuntu1.1_ia64_translations.tar.gz, gimp_2.6.7-1ubuntu1.1_amd64_translations.tar.gz, gimp_2.6.7-1ubuntu1.1_sparc_translations.tar.gz (delayed), gimp_2.6.7-1ubuntu1.1_powerpc_translations.tar.gz, gimp_2.6.7-1ubuntu1.1_lpia_translations.tar.gz, gimp_2.6.7-1ubuntu1.1_i386_translations.tar.gz, gimp_2.6.7-1ubuntu1.1_armel_translations.tar.gz, gimp 2.6.7-1ubuntu1.1 (Accepted)

[Ubuntu Installer]

gimp (2.6.7-1ubuntu1.1) karmic-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via crafted BMP file
    - debian/patches/04_security_CVE-2009-1570.patch: validate bit depths,
      width and height in plug-ins/file-bmp/bmp-read.c.
    - CVE-2009-1570
  * SECURITY UPDATE: arbitrary code execution via crafted PSD file
    - debian/patches/05_security_CVE-2009-3909.patch: protect against
      integer overflows in plug-ins/file-psd/{psd.h,psd-load.c}.
    - CVE-2009-3909

Date: Mon, 04 Jan 2010 13:53:12 -0500
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Maintainer: Ubuntu Desktop Team <ubuntu-desk...@lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/gimp/2.6.7-1ubuntu1.1

Format: 1.8
Date: Mon, 04 Jan 2010 13:53:12 -0500
Source: gimp
Binary: libgimp2.0 gimp gimp-data libgimp2.0-dev libgimp2.0-doc gimp-dbg
Architecture: source
Version: 2.6.7-1ubuntu1.1
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Desktop Team <ubuntu-desk...@lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Description: 
 gimp       - The GNU Image Manipulation Program
 gimp-data  - Data files for GIMP
 gimp-dbg   - Debugging symbols for GIMP
 libgimp2.0 - Libraries for the GNU Image Manipulation Program
 libgimp2.0-dev - Headers and other files for compiling plugins for GIMP
 libgimp2.0-doc - Developers' Documentation for the GIMP library
Changes: 
 gimp (2.6.7-1ubuntu1.1) karmic-security; urgency=low
 .
   * SECURITY UPDATE: arbitrary code execution via crafted BMP file
     - debian/patches/04_security_CVE-2009-1570.patch: validate bit depths,
       width and height in plug-ins/file-bmp/bmp-read.c.
     - CVE-2009-1570
   * SECURITY UPDATE: arbitrary code execution via crafted PSD file
     - debian/patches/05_security_CVE-2009-3909.patch: protect against
       integer overflows in plug-ins/file-psd/{psd.h,psd-load.c}.
     - CVE-2009-3909
Checksums-Sha1: 
 9a68c3247ddf459209aa75e761c5d4bcc7c81e9c 1968 gimp_2.6.7-1ubuntu1.1.dsc
 527d89f94412642d57af7ada2585146350919e1c 46313 gimp_2.6.7-1ubuntu1.1.diff.gz
Checksums-Sha256: 
 cb013e8ef581f293871c2533ceb742fa2fe128650ff12e70672c2593e06d9cdc 1968 
gimp_2.6.7-1ubuntu1.1.dsc
 180a7ad211b51da1f7cdb3f28cc02cf10c5ce145d83160c4f85256a2b5a63692 46313 
gimp_2.6.7-1ubuntu1.1.diff.gz
Files: 
 13bd1c1b3fe5e3a8b6bcf48a36d911e2 1968 graphics optional 
gimp_2.6.7-1ubuntu1.1.dsc
 73409687dd02c2be37f119020b9288c5 46313 graphics optional 
gimp_2.6.7-1ubuntu1.1.diff.gz
Original-Maintainer: Ari Pollak <a...@debian.org>

-- 
Karmic-changes mailing list
Karmic-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/karmic-changes