Accepted libgd 1.8.4-36ubuntu1 (source)
Martin Pitt
martin.pitt at canonical.com
Tue Nov 9 17:00:02 CST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 9 Nov 2004 23:53:35 +0100
Source: libgd
Binary: libgd-dev libgd-noxpm-dev libgd1 libgd1-noxpm libgd-xpm-dev libgd1-xpm
Architecture: source
Version: 1.8.4-36ubuntu1
Distribution: hoary
Urgency: low
Maintainer: Jonas Smedegaard <dr at jones.dk>
Changed-By: Martin Pitt <martin.pitt at canonical.com>
Description:
libgd-dev - GD Graphics Library (transitional package)
libgd-noxpm-dev - GD Graphics Library (old version, without XPM support)
libgd-xpm-dev - GD Graphics Library (old version)
libgd1 - GD Graphics Library (transitional package)
libgd1-noxpm - GD Graphics Library (old version, without XPM support)
libgd1-xpm - GD Graphics Library (old version)
Changes:
libgd (1.8.4-36ubuntu1) hoary; urgency=low
.
* SECURITY UPDATE for Hoary. See previuos changelog.
.
libgd (1.8.4-36ubuntu0.1) warty-security; urgency=low
.
* SECURITY UPDATE: fix potential buffer overflows
* gd_png.c:
- gdMalloc() was called with a size calculated by multiplying
user-supplied values without overflow checking, leading to potential
buffer overflows
- fixed forgotten return statements on failed gdMalloc(), causing writing
to uninitialized memory if allocation failed
* References:
CAN-2004-0990
http://www.securityfocus.com/archive/1/379382
Files:
7b8f11c5dc4077f1dc6417650ff6966f 771 oldlibs optional libgd_1.8.4-36ubuntu1.dsc
c43e02cc24af5c38d827a6ec0df55b3e 10951 oldlibs optional libgd_1.8.4-36ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBkUqtDecnbV4Fd/IRAtbQAJ9eLpjv+0ArRXOgLm0wtj8QxyQTPACfSvw3
IMGbGs/Kc2W19yVYXmIYBfw=
=HVZL
-----END PGP SIGNATURE-----
Accepted:
libgd_1.8.4-36ubuntu1.diff.gz
to pool/main/libg/libgd/libgd_1.8.4-36ubuntu1.diff.gz
libgd_1.8.4-36ubuntu1.dsc
to pool/main/libg/libgd/libgd_1.8.4-36ubuntu1.dsc
More information about the hoary-changes
mailing list