Change logs for gdk-pixbuf source package in Hoary

gdk-pixbuf (0.22.0-7ubuntu2.1) hoary-security; urgency=low


  * SECURITY UPDATE: Arbitrary code execution and DoS.
  * Fix integer overflow in XPM loader:
    - gdk-pixbuf/io-xpm.c, pixbuf_create_from_xpm(): Check n_col for integer
      overflow before allocating memory.
    - XPMs with specially crafted number of colors can lead to buffer overflow
      and arbitrary code execution.
    - CVE-2005-3186
  * Fix another integer overflow in XPM loader:
    - gdk-pixbuf/io-xpm.c, pixbuf_create_from_xpm(): Use gdk_pixbuf_new()
      instead of low-level allocation since the latter did not check for
      integer overflows (width * height * number of colors).
    - CVE-2005-2976
  * Fix endless loop in XPM loader:
    - gdk-pixbuf/io-xpm.c, file_buffer(): Avoid endless loop with specially
      crafted number of colors.
    - CVE-2005-2975

 -- Martin Pitt <email address hidden>  Wed, 16 Nov 2005 11:14:03 +0000

gdk-pixbuf (0.22.0-7ubuntu2) hoary; urgency=low


  * SECURITY UPDATE: Fix Denial of Service with malformed images.
  * gdk-pixbuf/io-bmp.c, grow_buffer(): Fix double free() leading
    to a crash with malicious BMP images.
  * References:
    CAN-2005-0891

 -- Martin Pitt <email address hidden>  Tue,  5 Apr 2005 17:42:17 +0000