Back to libpng PTS page

Accepted libpng 1.2.44-1+squeeze6 (source all i386) into squeeze-lts



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 22 Dec 2015 19:03:02 +0100
Source: libpng
Binary: libpng12-0 libpng12-dev libpng3 libpng12-0-udeb
Architecture: source all i386
Version: 1.2.44-1+squeeze6
Distribution: squeeze-lts
Urgency: high
Maintainer: Anibal Monsalve Salazar <anibal@debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description: 
 libpng12-0 - PNG library - runtime
 libpng12-0-udeb - PNG library - minimal runtime library (udeb)
 libpng12-dev - PNG library - development
 libpng3    - PNG library - runtime
Changes: 
 libpng (1.2.44-1+squeeze6) squeeze-lts; urgency=high
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * CVE-2015-8472
     update incomplete patch for CVE-2015-8126
   * CVE-2015-8540
     underflow read in png_check_keyword in pngwutil.c
   * CVE-2012-3425
     The png_push_read_zTXt function in pngpread.c in libpng 1.0.x
     before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and
     1.5.x before 1.5.10 allows remote attackers to cause a denial
     of service (out-of-bounds read) via a large avail_in field value
     in a PNG image.
     In contrast to the next changelog entry, the vulnerable code
     is present.
Checksums-Sha1: 
 e71e91c0ddf16e13cc2d637b009775a375cec6d4 1973 libpng_1.2.44-1+squeeze6.dsc
 07bd9d67c6e6076416a951451e1b05c2660e9d0d 657967 libpng_1.2.44.orig.tar.bz2
 0a2476619da2d790d237cf61da661041a73bceb8 20784 libpng_1.2.44-1+squeeze6.debian.tar.bz2
 b0ebd06df89d315f42c4c32cb0a6ffc9edca8608 874 libpng3_1.2.44-1+squeeze6_all.deb
 736c2f8960b4c8257fbd6af7204493b5156f0796 177290 libpng12-0_1.2.44-1+squeeze6_i386.deb
 885268cb63abd45ae99d4120e5aad17da1bfdd6e 261908 libpng12-dev_1.2.44-1+squeeze6_i386.deb
 414a6cb788e5d84484e88c29580bf41bea603d7b 70172 libpng12-0-udeb_1.2.44-1+squeeze6_i386.udeb
Checksums-Sha256: 
 fadfe5ade49f40fa9c3d33c8320d283416f1430b8e89e501cc0d2b234551f058 1973 libpng_1.2.44-1+squeeze6.dsc
 b9ab20f1c2c3bf6c4448fd9bd8a4a8905b918114d5fada56c97bb758a17b7215 657967 libpng_1.2.44.orig.tar.bz2
 2efd90ba7b77cae5dda7ad2e675bc22ac6882309088b13313cb1c4935fd7b1bc 20784 libpng_1.2.44-1+squeeze6.debian.tar.bz2
 a7425963e75bfee79f547886c025aea5431359aed9f694ffb912841553416fe6 874 libpng3_1.2.44-1+squeeze6_all.deb
 adba604e04eb1ad3aa64f061b4ccaf96105db06acf491032d9acffac2b1effd6 177290 libpng12-0_1.2.44-1+squeeze6_i386.deb
 aa49e51d99ccf8fdcb23a1be0bae0fb19dfbde262116d2f98580464d4aedf557 261908 libpng12-dev_1.2.44-1+squeeze6_i386.deb
 940784ad1d48f592393854da0f1a12bb19cbe36422c2822b13b3bbc2442339e3 70172 libpng12-0-udeb_1.2.44-1+squeeze6_i386.udeb
Files: 
 0bf57c5f435c4a2d8a25ed355b0a5bf3 1973 libs optional libpng_1.2.44-1+squeeze6.dsc
 e3ac7879d62ad166a6f0c7441390d12b 657967 libs optional libpng_1.2.44.orig.tar.bz2
 3cec4c9ca69268e868da17d1d0bf2ba7 20784 libs optional libpng_1.2.44-1+squeeze6.debian.tar.bz2
 8ad47346427a1b58d204cc054e14b699 874 oldlibs optional libpng3_1.2.44-1+squeeze6_all.deb
 047ae5727fd5237cc96d8fdb588990cb 177290 libs optional libpng12-0_1.2.44-1+squeeze6_i386.deb
 c4f389276054c5f9fa8ab9c2e7b526b4 261908 libdevel optional libpng12-dev_1.2.44-1+squeeze6_i386.deb
 42be8c83a39606de16443668fbe943c9 70172 debian-installer extra libpng12-0-udeb_1.2.44-1+squeeze6_i386.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJWgDT/XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHE9QQAIKszBf4DgM3Z2LzimwQiH1h
5Ue/S2N7se83UniiUiWAht94EoQeW1OaneljIwEFQnN3ZL/01OzvPqDcDhm9yTtT
ZvN500aQd3asZms3qSLmuQF4gyf8X4l7qyfCQKQx5piSUryoPHBUSD5Ic3O/rdVk
kRt6ClunTQY9adEEUJNIHM1UkezTVZwddKtLFjalYTuhi6g70igsiqVGq2/O7UHs
xbobAou13m8H8SYpx05DIU6vyocQQvalEsZiMYR5zqzHHrwTdaFelahwOVWDlPVb
wCODw3CWqhrAwQxBgwCQJGs2tpgH44hTjOOntzxpsa2sRkSHmjZLyu3h5fjEOlOA
402wa1xltxDGDEhXc4N+VaeNqcdcXRATz2Lbe0n04KtxKrXBTg5IwCTiK06kDVO6
JqFTF2mKY6tNeDzcA9HVs9nU0wyXnGM+jjNmuGL855MVddvR66ssGl587+VsRn30
gfLPvRzWG8Kobc+rnThLxsQuXS/eOK+qR/UjI37rB0MWOIObhipTFQghGlmMQ9w8
HaGue9EXJIMj/W2jMPYc1kIsl61ZdG524o/AeG7hv/0PCT3MNHvSmiZW1V348aCS
TNC3apaoUzEJIogXiNvJviUwxZyxS8eUnRplzoB8nOnZmYnxMFLmVvpkApNX4kLk
DAoxDuX2Pea7WV/nvnl0
=KJkS
-----END PGP SIGNATURE-----