-
gdk-pixbuf (2.36.11-2) unstable; urgency=medium
* Team upload
[ Emilio Pozuelo Monfort ]
* Switch triggers to noawait.
[ Simon McVittie ]
* Update Vcs-* for move from Alioth svn to Salsa git
* debian/gbp.conf: Add
* Add patches from upstream to fix crash bugs:
- CVE-2017-6312: out-of-bounds read in ico (Closes: #856444)
- CVE-2017-6313: integer underflow in icns (Closes: #856445)
- CVE-2017-6314: infinite loop in tiff (Closes: #856448)
Thanks to Salvatore Bonaccorso for highlighting the relevant commits.
-- Simon McVittie <email address hidden> Fri, 16 Mar 2018 10:57:57 +0000
-
gdk-pixbuf (2.36.11-1ubuntu0.1) artful-security; urgency=medium
* SECURITY UPDATE: DoS and integer overflow in io-ico.c
- debian/patches/CVE-2017-6312.patch: fix potential integer overflow
in gdk-pixbuf/io-ico.c.
- CVE-2017-6312
* SECURITY UPDATE: DoS and integer underflow in load_resources function
- debian/patches/CVE-2017-6313.patch: protect against too short
blocklen in gdk-pixbuf/io-icns.c.
- CVE-2017-6313
* SECURITY UPDATE: DoS (infinite loop)
- debian/patches/CVE-2017-6314.patch: avoid overflow buffer size
computation in gdk-pixbuf/io-tiff.c.
- CVE-2017-6314
-- <email address hidden> (Leonidas S. Barbosa) Thu, 11 Jan 2018 15:05:48 -0300
-
gdk-pixbuf (2.36.11-1) unstable; urgency=medium
* New upstream release
* debian/copyright: The non-free images have been replaced
(thanks Olly Betts!) so drop the Files-Excluded line
* Drop git_fix-tiff-build.patch: Applied in new release
-- Jeremy Bicha <email address hidden> Mon, 02 Oct 2017 12:36:35 -0400
