This bug was fixed in the package gdk-pixbuf - 2.36.0-1ubuntu1
---------------
gdk-pixbuf (2.36.0-1ubuntu1) zesty; urgency=medium
* Sync with Debian (LP: #1643222). Remaining change:
- Unset MALLOC_PERTURB_ for the /pixbuf/cve-2015-4491/original test, as
it fails with OOM, or gets OOM killed.
* Drop CVE-2016-6352.patch, the fix was applied in new upstream version
-- Jeremy Bicha <[email protected]> Sat, 19 Nov 2016 12:50:45 -0500
** Changed in: gdk-pixbuf (Ubuntu)
Status: New => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-6352
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gdk-pixbuf in Ubuntu.
https://bugs.launchpad.net/bugs/1643222
Title:
Merge gdk-pixbuf 2.36.0-1 (main) with Debian unstable (main)
Status in gdk-pixbuf package in Ubuntu:
Fix Released
Bug description:
Please merge gdk-pixbuf 2.36.0-1 (main) with Debian unstable (main)
This update is needed by gtkm3.0 3.22:
https://launchpad.net/ubuntu/+source/gtkmm3.0/3.22.0-1/+build/11118318
Explanation of the Ubuntu delta and why it can be dropped:
* SECURITY UPDATE: Fixes for write out-of-bounds error
- debian/patches/CVE-2016-6352.patch: Be more careful when parsing ico
headers. Based on upstream patch.
- CVE-2016-6352
The patch was backported from 2.35.3 so it's not needed any more
This change is still needed by the Launchpad builders:
* Merge from Debian unstable (LP: #1573839). Remaining changes:
- Unset MALLOC_PERTURB_ for the /pixbuf/cve-2015-4491/original test, as
it fails with OOM, or gets OOM killed.
Changelog entries since current zesty version 2.34.0-1ubuntu2:
gdk-pixbuf (2.36.0-1) unstable; urgency=medium
* New upstream release.
-- Michael Biebl <[email protected]> Mon, 19 Sep 2016 19:10:55 +0200
gdk-pixbuf (2.35.5-1) unstable; urgency=medium
* New upstream development release.
* Drop 02-tests-Make-sure-to-NULL-terminate-the-arguments-pass.patch, merged
upstream.
* Bump debhelper compat level to 10.
* Use dh_install --list-missing to show uninstalled files and exclude
libtool .la files.
-- Michael Biebl <[email protected]> Tue, 13 Sep 2016 16:17:03 +0200
gdk-pixbuf (2.35.4-4) unstable; urgency=medium
* Move gtk-doc-tools and libglib2.0-doc from Build-Depends-Indep to
Build-Depends.
-- Michael Biebl <[email protected]> Thu, 08 Sep 2016 19:17:54 +0200
gdk-pixbuf (2.35.4-3) unstable; urgency=medium
* Make sure to NULL terminate the arguments passed to g_test_get_filename().
Otherwise the /pixbuf/composite2 test will segfault. (Closes: #837030)
* Make test-suite failures fatal again.
-- Michael Biebl <[email protected]> Thu, 08 Sep 2016 18:59:21 +0200
gdk-pixbuf (2.35.4-2) unstable; urgency=medium
* Make test-suite failures non-fatal for now to not block ongoing
transitions.
* Build gtk-doc documentation via --enable-gtk-doc.
* Bump Standards-Version to 3.9.8.
-- Michael Biebl <[email protected]> Thu, 08 Sep 2016 16:49:06 +0200
gdk-pixbuf (2.35.4-1) unstable; urgency=medium
* New upstream release.
* Update symbols file with new additions. A few private symbols were
dropped.
* Use dh-exec for substituting multiarch paths in libgdk-pixbuf2.0-0.install
and libgdk-pixbuf2.0-dev.links.
* Convert from cdbs to dh.
-- Michael Biebl <[email protected]> Wed, 07 Sep 2016 18:00:22 +0200
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gdk-pixbuf/+bug/1643222/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
