Accepted libpng 1.2.49-1+deb7u1 (source amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 17 Nov 2015 19:31:24 +0100
Source: libpng
Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb
Architecture: source amd64
Version: 1.2.49-1+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Anibal Monsalve Salazar <anibal@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
libpng12-0 - PNG library - runtime
libpng12-0-udeb - PNG library - minimal runtime library (udeb)
libpng12-dev - PNG library - development
libpng3 - PNG library - runtime
Closes: 803078 805113
Changes:
libpng (1.2.49-1+deb7u1) wheezy-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Add CVE-2015-7981.patch patch.
CVE-2015-7981: Out-of-bounds read in png_convert_to_rfc1123.
(Closes: #803078)
* Add Prevent-writing-over-length-PLTE-chunk-Cosm.patch patch.
CVE-2015-8126: Multiple buffer overflows in the png_set_PLTE and
png_get_PLTE functions. (Closes: #805113)
* Add Fixed-new-bug-with-CRC-error-after-reading-.patch patch.
Fixed new bug with CRC error after reading an over-length palette.
Checksums-Sha1:
2934aa4cc73fe37280f8c5623d13898c6c27ec92 1987 libpng_1.2.49-1+deb7u1.dsc
93cdd7e4fe01b490cf045e3f354ab38f0200c540 669011 libpng_1.2.49.orig.tar.bz2
e9061afc87f2a68ce12eefa61b5ff4cd5a0c4fac 18111 libpng_1.2.49-1+deb7u1.debian.tar.bz2
04c71ca3c81152aa6b434ad94c5ad10d83159a21 190692 libpng12-0_1.2.49-1+deb7u1_amd64.deb
b775b9354a73ed8e8a419b8d7964a3213a75d0d6 267326 libpng12-dev_1.2.49-1+deb7u1_amd64.deb
4db3f15a6f9f71b9fe1d2c7e4d7a61eacf082610 958 libpng3_1.2.49-1+deb7u1_amd64.deb
3d3426bb51b7ff20420e7aefc3c350a15e0fb49d 63896 libpng12-0-udeb_1.2.49-1+deb7u1_amd64.udeb
Checksums-Sha256:
3f39b5b17b75d1a390b05d0c7169560bd15e621a204a8ff0d5814f3dff441288 1987 libpng_1.2.49-1+deb7u1.dsc
fbf8faa70ebca2ed2ee6df6f2249f4722517b581af5b6c3c71bbdaf925d5954e 669011 libpng_1.2.49.orig.tar.bz2
82a191df9f4430cc9dc4372201e2dd16f294031dcc492116e6d4f765279bf0dd 18111 libpng_1.2.49-1+deb7u1.debian.tar.bz2
dd0b8620227148f32903a50b60b78612c99e68a4166ae7f5f149a281566995c5 190692 libpng12-0_1.2.49-1+deb7u1_amd64.deb
3b85742458c119c7c4ba0aeab6b1b9425acf0d5cb3b3732736c99554c9bab2dd 267326 libpng12-dev_1.2.49-1+deb7u1_amd64.deb
84781eaf148632a54c81bc34c00b1946aa2b7acda835018a689e08c9ddeebd5d 958 libpng3_1.2.49-1+deb7u1_amd64.deb
3ebdcc2e886f871dc18f34cdaa5917546ad1fc393e60c33405d5070f5b6bad76 63896 libpng12-0-udeb_1.2.49-1+deb7u1_amd64.udeb
Files:
5fd562ec548a798eb94825a15aee94b8 1987 libs optional libpng_1.2.49-1+deb7u1.dsc
d5106b70b4f8b464a7da66bffe4565fb 669011 libs optional libpng_1.2.49.orig.tar.bz2
a1a69c7a7c312064f60e9c6e7840e755 18111 libs optional libpng_1.2.49-1+deb7u1.debian.tar.bz2
b8cb22e8f7d8dbe4c57630c096e78bd4 190692 libs optional libpng12-0_1.2.49-1+deb7u1_amd64.deb
b67174ad000d1fe9c93d28ed52c4bc4d 267326 libdevel optional libpng12-dev_1.2.49-1+deb7u1_amd64.deb
66b63e967b20aa836632fd9f289fcc66 958 oldlibs optional libpng3_1.2.49-1+deb7u1_amd64.deb
5f36e83d58e6d0084585b95db650fad4 63896 debian-installer extra libpng12-0-udeb_1.2.49-1+deb7u1_amd64.udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJWTA2YAAoJEAVMuPMTQ89EbOMQAJ7WoqvyXo8mQ4kYP0TMwN3z
LNASZWAXe9ULAuHWc/Ep5BYboNGLeslQx0e6IRuOk6ODzb/RkctOIPoNRzc0kFyG
u2II+o74oqA2OtVMo/SXpykpKZofKYDsn6lD5+ZvBM6rl6Y9r2ai+YgmrXaXMwiU
phB4etLFLXZcZyOJxwYRjKLlybWu0rkD5zd2UJ54Aapue0tqHxo2FnHlzZHN34qs
u8Yggh276tcWkSaCVqxoGkcuiDUMKkY8NCiZInXKkE8fO1QUpRkpMhWJr5AT1gHm
Zj/Ucgk1p+a1iAdTTPfohHdvNrZ/cuOZEn2j7Tt2F8dj0LwNy9hZ2chJDUZ3liiT
3ih4zIZ/lEcfL3sBgjL/qW1MM/Klu3SjinCpZXBljHTjSBZQ3wg/CsYXbTWbasHS
ZhuLF1wsJdEEIaW4QsZ/svI2k2Dqcfkv0KSJnIsKmTzT0f7idfhF+/KjD2f9PwSC
QfwP64VgNvP7A8/sdGyKK3RypF+zZMXNp6NJMhjI6JPylPpYMnc5xgiZ7wq7VJOW
n3jhNuPI0g7iHlUDhU25UvR4QHwjQ2om9WDnRBPchU8b3unXCmPn8cqoZkd67SD2
xPIXfJ8aDDVwMiCkWcU06ZmJO01Zg/YBHu15vElWnLBYrUfv7jxl2ks61nrujQPD
3vgRetuM0b78K62jFnut
=QARm
-----END PGP SIGNATURE-----