imlib2 1.4.6-2ubuntu0.1 source package in Ubuntu

Changelog

imlib2 (1.4.6-2ubuntu0.1) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service (divide-by-zero) via drawing
    a 2x1 ellipse.
    - debian/patches/debian/patches/04_CVE-2011-5326.patch: ensure
      denominators are not zero.
    - CVE-2011-5326
  * SECURITY UPDATE: denial of service (segmentation fault) via a
    GIF image without a colormap.
    - debian/patches/debian/patches/CVE-2014-9762.patch: return error if
      no colormap.
    - CVE-2014-9762
  * SECURITY UPDATE: denial of service (divide-by-zero) handling
    PNM files.
    - debian/patches/debian/patches/CVE-2014-9763.patch: ensure
      denominators are not zero.
    - CVE-2014-9763
  * SECURITY UPDATE: denial of service (segmentation fault) handling
    certain GIF images
    - debian/patches/debian/patches/CVE-2014-9764.patch: check for NULL.
    - CVE-2014-9764
  * SECURITY UPDATE: integer overflow leading to denial of service
    - debian/patches/debian/patches/05_CVE-2014-9771.patch: reduce
      maximum allowed image dimensions.
    - CVE-2014-9771
  * SECURITY UPDATE: denial of service due to out-of-bounds read.
    - debian/patches/debian/patches/06_CVE-2016-3993.patch: check
      boundary condition before reading array element.
    - CVE-2016-3993
  * SECURITY UPDATE: out-of-bounds read handling GIFs leading to denial
    of service or information disclosure.
    - debian/patches/debian/patches/07_CVE-2016-3994.patch: ensure
      colormap limits are honored.
    - CVE-2016-3994
  * SECURITY UPDATE: different integer overflow on 32 bit arches
    leading to a denial of service
    - debian/patches/debian/patches/08_CVE-2016-4024.patch: reduce
      allowed dimensions even further.
    - CVE-2016-4024

 -- Steve Beattie <email address hidden>  Thu, 01 Sep 2016 00:29:09 -0700

Upload details

Uploaded by:
Steve Beattie on 2016-09-01
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Trusty updates on 2016-09-09 main libs
Trusty security on 2016-09-09 main libs

Downloads

File Size SHA-256 Checksum
imlib2_1.4.6.orig.tar.gz 949.0 KiB 17cc128c0e61974d59c423b59d0fb5cb85c97169adf5b05184cc58f7c87b4f4e
imlib2_1.4.6-2ubuntu0.1.debian.tar.gz 15.5 KiB 718b991345acd8d6f5ccf6d0c9ba5b8037b8cf81b4111b03525ba8b6c189f3ab
imlib2_1.4.6-2ubuntu0.1.dsc 2.0 KiB e167b935beb9f157de20023ff0e1ff496a9f0d61c9d7fcbcd9c33deccb2b5fa6

View changes file

Binary packages built by this source

libimlib2: image loading, rendering, saving library

 Imlib2 is a library that does image file loading and saving as well as
 rendering, manipulation, arbitrary polygon support, etc.
 .
 It does ALL of these operations FAST. Imlib2 also tries to be highly
 intelligent about doing them, so writing naive programs can be done easily,
 without sacrificing speed.

libimlib2-dbgsym: debug symbols for package libimlib2

 Imlib2 is a library that does image file loading and saving as well as
 rendering, manipulation, arbitrary polygon support, etc.
 .
 It does ALL of these operations FAST. Imlib2 also tries to be highly
 intelligent about doing them, so writing naive programs can be done easily,
 without sacrificing speed.

libimlib2-dev: image loading, rendering, saving library (development files)

 Imlib2 is a library that does image file loading and saving as well as
 rendering, manipulation, arbitrary polygon support, etc.
 .
 It does ALL of these operations FAST. Imlib2 also tries to be highly
 intelligent about doing them, so writing naive programs can be done easily,
 without sacrificing speed.
 .
 This package provides the development files (ie. includes, static library,
 manual pages) that allow to build software which uses imlib2.