Change logs for gdk-pixbuf source package in Breezy

gdk-pixbuf (0.22.0-8ubuntu0.1) breezy-security; urgency=low


  * SECURITY UPDATE: Arbitrary code execution and DoS.
  * Fix integer overflow in XPM loader:
    - gdk-pixbuf/io-xpm.c, pixbuf_create_from_xpm(): Check n_col for integer
      overflow before allocating memory.
    - XPMs with specially crafted number of colors can lead to buffer overflow
      and arbitrary code execution.
    - CVE-2005-3186
  * Fix another integer overflow in XPM loader:
    - gdk-pixbuf/io-xpm.c, pixbuf_create_from_xpm(): Use gdk_pixbuf_new()
      instead of low-level allocation since the latter did not check for
      integer overflows (width * height * number of colors).
    - CVE-2005-2976
  * Fix endless loop in XPM loader:
    - gdk-pixbuf/io-xpm.c, file_buffer(): Avoid endless loop with specially
      crafted number of colors.
    - CVE-2005-2975

 -- Martin Pitt <email address hidden>  Wed, 16 Nov 2005 10:52:19 +0000

gdk-pixbuf (0.22.0-8) unstable; urgency=high


  * Fix untested patch in -7.1 NMU. (glib 1.2 doesn't have g_try_realloc)
    (closes: #306948)

 -- Ryan Murray <email address hidden>  Fri, 29 Apr 2005 21:00:10 -0700