[ubuntu/oracular-proposed] gdk-pixbuf 2.42.12+dfsg-1 (Accepted)
Jeremy Bícha
jeremy.bicha at canonical.com
Fri May 17 07:56:26 UTC 2024
gdk-pixbuf (2.42.12+dfsg-1) unstable; urgency=high
* Team upload
* New upstream release
- Reject malformed .ani files, including one category that can cause
memory corruption (CVE-2022-48622)
* d/rules: Keep .ani, .bmp, .icns, .ico, .pnm, .qtif, .tga, .xbm, .xpm
loaders enabled for now. They are weakly maintained, and no longer
enabled by default upstream to reduce security exposure, but disabling
them would be a feature regression, which we shouldn't do in the same
upload as a security fix.
* d/rules: Disable miscellaneous loaders for the udeb, which as far as
we know only needs PNG support
* d/copyright: Pre-generated HTML documentation no longer needs excluding
* Set high urgency for security fix
Date: 2024-05-16 22:28:16.558837+00:00
Signed-By: Jeremy Bícha <jeremy.bicha at canonical.com>
https://launchpad.net/ubuntu/+source/gdk-pixbuf/2.42.12+dfsg-1
-------------- next part --------------
Sorry, changesfile not available.
More information about the oracular-changes
mailing list