All Ubuntu package versions


AllUtopicTrustySaucyPreciseLucidAll PPAs
DashboardRecent Search QueriesSearch Statistics
Alphabetical listSearchBugs
CommentsResqueStathatMemoryTracker

Package "libpng12-dev"

Name: libpng12-dev

Description:

PNG library - development
libpng is a library implementing an interface for reading and writing
PNG (Portable Network Graphics) format files.

This package contains the header and development files needed to build
programs and packages using libpng.

Latest version: 1.2.42-1ubuntu2.5
Release: lucid (10.04)
Level: updates
Repository: main
Head package: libpng
Homepage: http://libpng.org/pub/png/libpng.html

Links

Save this URL for the latest version of "libpng12-dev": http://www.ubuntuupdates.org/libpng12-dev

All versions of this package Bug fixes
List of files in package Repository home page for package

Download "libpng12-dev"

32-bit deb package 64-bit deb package APT INSTALL

Other versions of "libpng12-dev" in Lucid

RepositoryAreaVersion
base main 1.2.42-1ubuntu2
security main 1.2.42-1ubuntu2.5

Change Log

Version: 1.2.42-1ubuntu2.5 2012-04-05 20:07:12 UTC

libpng (1.2.42-1ubuntu2.5) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    memory corruption issue.
    - debian/patches/CVE-2011-3048.patch: correctly restore to previous
      condition in pngset.c.
    - CVE-2011-3048

 -- Marc Deslauriers Thu, 05 Apr 2012 08:43:48 -0400

Source diff to previous version

Version: 1.2.42-1ubuntu2.4 2012-03-22 18:07:04 UTC

libpng (1.2.42-1ubuntu2.4) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    incorrect type.
    - debian/patches/09-CVE-2011-3045.patch: use correct type, properly
      handle odd chunk lengths, fix off-by-one in pngrutil.c.
    - CVE-2011-3045

 -- Marc Deslauriers Wed, 21 Mar 2012 13:38:15 -0400

Source diff to previous version
CVE-2011-3045 RESERVED

Version: 1.2.42-1ubuntu2.3 2012-02-16 21:03:20 UTC

libpng (1.2.42-1ubuntu2.3) lucid-security; urgency=low

  * SECURITY UPDATE: fix integer overflow / truncation
    - debian/patches/08-CVE-2011-3026.patch: adjust pngrutil.c to verify size
      when allocating memory in png_decompress_chunk()
    - CVE-2011-3026

 -- Jamie Strandboge Wed, 15 Feb 2012 21:22:27 -0600

Source diff to previous version

Version: 1.2.42-1ubuntu2.2 2011-07-26 19:02:48 UTC

libpng (1.2.42-1ubuntu2.2) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service via error message data
    - debian/patches/05-CVE-2011-2501.patch: correctly calculate length in
      pngerror.c.
    - CVE-2011-2501
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via crafted PNG image
    - debian/patches/06-CVE-2011-2690.patch: validate coefficients in
      pngrtran.c.
    - CVE-2011-2690
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via invalid sCAL chunks
    - debian/patches/07-CVE-2011-2692.patch: check sCAL chunk length in
      pngrutil.c.
    - CVE-2011-2692

 -- Marc Deslauriers Tue, 26 Jul 2011 08:41:48 -0400

Source diff to previous version
CVE-2011-2692 The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not pro
CVE-2011-2690 Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls
CVE-2011-2501 The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows rem

Version: 1.2.42-1ubuntu2.1 2010-07-08 16:07:04 UTC

libpng (1.2.42-1ubuntu2.1) lucid-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution from additional data row via
    malformed PNG image
    - debian/patches/03-CVE-2010-1205.patch: check for unexpected data
      after the last row in pngpread.c.
    - CVE-2010-1205
  * SECURITY UPDATE: denial of service via memory leak from malformed sCAL
    chunks
    - debian/patches/04-CVE-2010-2249.patch: properly free memory in
      pngrutil.c.
    - CVE-2010-2249

 -- Marc Deslauriers Mon, 05 Jul 2010 11:27:57 -0400

CVE-2010-1205 Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to exe
CVE-2010-2249 Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption an



About   -   Changelog   -   Send Feedback