*** This bug is a security vulnerability ***
Public security bug reported:
Ubuntu ships Freeimage 3.13.1 and upstream has 3.15.1
* libtiff (from 3.9.2 to 3.9.5)
- CVE-2010-1411
- CVE-2009-2347
* libpng (from 1.2.41 to 1.5.4)
- CVE-2010-1205
- CVE-2011-2690
- CVE-2011-2691
- CVE-2011-2692
** Affects: freeimage (Ubuntu)
Importance: Undecided
Status: New
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-1411
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-2347
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-1205
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2690
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2691
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2692
** Description changed:
Ubuntu ships Freeimage 3.13.1 and upstream has 3.15.1
* libtiff (from 3.9.2 to 3.9.5)
- - CVE-2010-1411
- - CVE-2009-2347.
+ - CVE-2010-1411
+ - CVE-2009-2347
* libpng (from 1.2.41 to 1.5.4)
- - CVE-2010-1205
- - CVE-2011-2690
- - CVE-2011-2691
- - CVE-2011-2692
+ - CVE-2010-1205
+ - CVE-2011-2690
+ - CVE-2011-2691
+ - CVE-2011-2692
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/898825
Title:
freeimage: multiple vulnerabilities in embedded code copies
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freeimage/+bug/898825/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
