[Bug 185178] Re: Please sponsor libpng 1.2.24

Thu, 01 May 2008 10:46:14 -0700 

Attached is the debdiff (filterdiff -i '*/debian/*') from 1.2.15~beta5-3
to 1.2.27-1 (straight from debian, no other patches). Since there are a
number of CVE fixes, it seems like a good candidate for a SRU.

Changelog:
libpng (1.2.27-1) unstable; urgency=low

  * New upstream release
  * Patches merged upstream:
    debian/patches/02-476669-CVE-2008-1382.diff
    debian/patches/03-404514-png.5.diff
  * Run ./autogen.sh

 -- Anibal Monsalve Salazar <[EMAIL PROTECTED]>  Tue, 29 Apr 2008
17:22:16 +1000

libpng (1.2.26-1) unstable; urgency=high

  * New upstream release. Closes: #431202
  * Use quilt
    Add 01-legacy.diff
  * Fix CVE-2008-1382 denial of service and possibly code execution
    Add 02-476669-CVE-2008-1382.diff
    Closes: #476669
  * Fix URL in png.5. Closes: #404514
    Add 03-404514-png.5.diff
  * Move examples to libpng12-dev. Closes: #401467
  * Fix "libpng (<= 1.2.20) contains grey-licensed code". Closes: #469126
  * Fix the following lintian issues:
    W: libpng source: debian-rules-ignores-make-clean-error line 37
    W: libpng source: substvar-source-version-is-deprecated libpng12-dev
    W: libpng source: out-of-date-standards-version 3.7.2 (current is 3.7.3)
    W: libpng12-0-udeb udeb: description-contains-homepage
    W: libpng3: description-contains-homepage
    W: libpng12-dev: description-contains-homepage
    W: libpng12-0: package-contains-empty-directory usr/bin/
    W: libpng12-0: package-contains-empty-directory usr/sbin/
    W: libpng12-0: description-contains-homepage
    W: libpng12-0: doc-base-unknown-section libpng12:22 Apps/Programming

 -- Anibal Monsalve Salazar <[EMAIL PROTECTED]>  Sun, 20 Apr 2008
18:22:32 +1000


** Attachment added: "debdiff 1.2.15~beta5-3 to 1.2.27-1"
   http://launchpadlibrarian.net/14068382/libpng_1.2.27-1.debdiff

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-5267

** Tags added: security

** This bug has been flagged as a security issue

-- 
Please sponsor libpng 1.2.24
https://bugs.launchpad.net/bugs/185178
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to