[ubuntu/lunar-proposed] libxpm 1:3.5.12-1.1 (Accepted)
Jeremy Bicha
jeremy.bicha at canonical.com
Wed Jan 25 01:10:50 UTC 2023
libxpm (1:3.5.12-1.1) unstable; urgency=medium
* Non-maintainer upload.
* Fix CVE-2022-46285: Infinite loop on unclosed comments
* Fix CVE-2022-44617: Runaway loop with width of 0 and enormous height
* configure: add --disable-open-zfile instead of requiring -DNO_ZPIPE
* Fix CVE-2022-4883: compression commands depend on $PATH
* Prevent a double free in the error code path
* Use gzip -d instead of gunzip
* debian/rules: configure: Set explicitly runtime paths for {,un}compress
and gzip.
Date: 2023-01-18 04:35:38.806992+00:00
Signed-By: Jeremy Bicha <jeremy.bicha at canonical.com>
https://launchpad.net/ubuntu/+source/libxpm/1:3.5.12-1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the lunar-changes
mailing list