Change logs for libtk-img source package in Jaunty

libtk-img (1:1.3-release-8) unstable; urgency=high

  * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes
    security vulnerability CVE-2007-5137 arbitrary code execution via
    multi-frame interlaced GIF.
  * Applied patch by Nico Golde (previously created for Tk 8.4) which fixes
    security vulnerability CVE-2007-5378 overflow triggered by crafted
    GIF file (closes: #519072).
  * Set urgency to high as this upload fixes security vulnerabilities.
  * Mangled Debian version and use SF redirector in debian/watch uscan control
    file.
  * Overridden lintian warning on an ancient libtool version in libjpeg
    subdirectory because it isn't used when building the binary package.

 -- Kees Cook <email address hidden>   Wed,  18 Mar 2009 16:43:21 +0000

libtk-img (1:1.3-release-7) unstable; urgency=high

  * Fixed CVE-2008-0553 vulnerability (Stack-based buffer overflow in the
    ReadImage function in tkImgGIF.c allows remote attackers to execute
    arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.)
    Thanks Nico Golde for the patch. Closes: #485785.
  * Set urgency to high as this upload fixes a security vulnerability.
  * Protected quilt invocation in debian/rules to make it possible to convert
    bwidget source package to 3.0 (quilt) format (closes: #482710).
  * Bumped standards version to 3.8.0.

 -- Ubuntu Archive Auto-Sync <email address hidden>   Tue,  17 Jun 2008 06:25:19 +0100