-
pixman (0.30.2-2ubuntu1.2) trusty-security; urgency=medium
* SECURITY UPDATE: general_composite_rect() integer overflow
- debian/patches/CVE-2015-5297-pre1.patch: ensure that iter buffers are
aligned to 16 bytes in pixman/pixman-general.c,
pixman/pixman-private.h, pixman/pixman-utils.c.
- debian/patches/CVE-2015-5297-pre2.patch: use floating point combiners
for all operators that involve divisions in pixman/pixman-general.c.
- debian/patches/CVE-2015-5297-1.patch: fix stack related pointer
arithmetic overflow in pixman/pixman-general.c.
- debian/patches/CVE-2015-5297-2.patch: tighten up calculation of
temporary buffer sizes in pixman/pixman-general.c.
- debian/patches/disable_test.patch: disable blitters test as the
correct CRC is unknown.
- CVE-2015-5297
-- Marc Deslauriers <email address hidden> Wed, 28 Nov 2018 15:25:56 -0500
-
pixman (0.30.2-2ubuntu1.1) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service and possible code execution via
overflow in create_bits
- debian/patches/CVE-2014-9766.patch: cast to size_t in
pixman/pixman-bits-image.c.
- CVE-2014-9766
-- Marc Deslauriers <email address hidden> Wed, 02 Mar 2016 15:57:02 -0500
-
pixman (0.30.2-2ubuntu1) trusty; urgency=medium
* Pass --disable-vmx on ppc64el to work around testsuite failure.
-- Adam Conrad <email address hidden> Tue, 17 Dec 2013 01:10:00 -0700
-
pixman (0.30.2-2) sid; urgency=low
* Cherry-pick upstream bigfixes for fixing a crash when rendering
invalid trapezoids. (LP: #1197921)
-- Maarten Lankhorst <email address hidden> Mon, 18 Nov 2013 15:08:56 +0100
-
pixman (0.30.2-1) sid; urgency=low
* New upstream release
- includes big-endian matrix-test fix
* Increase alpha-loop test timeout some more.
-- Julien Cristau <email address hidden> Tue, 13 Aug 2013 12:08:18 +0200
