Format: 1.8
Date: Thu, 01 Sep 2016 00:29:09 -0700
Source: imlib2
Binary: libimlib2 libimlib2-dev
Architecture: armhf
Version: 1.4.6-2ubuntu0.1
Distribution: trusty
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos01-arm64-027.buildd>
Changed-By: Steve Beattie <sbeattie@ubuntu.com>
Description: 
 libimlib2  - image loading, rendering, saving library
 libimlib2-dev - image loading, rendering, saving library (development files)
Changes: 
 imlib2 (1.4.6-2ubuntu0.1) trusty-security; urgency=medium
 .
   * SECURITY UPDATE: denial of service (divide-by-zero) via drawing
     a 2x1 ellipse.
     - debian/patches/debian/patches/04_CVE-2011-5326.patch: ensure
       denominators are not zero.
     - CVE-2011-5326
   * SECURITY UPDATE: denial of service (segmentation fault) via a
     GIF image without a colormap.
     - debian/patches/debian/patches/CVE-2014-9762.patch: return error if
       no colormap.
     - CVE-2014-9762
   * SECURITY UPDATE: denial of service (divide-by-zero) handling
     PNM files.
     - debian/patches/debian/patches/CVE-2014-9763.patch: ensure
       denominators are not zero.
     - CVE-2014-9763
   * SECURITY UPDATE: denial of service (segmentation fault) handling
     certain GIF images
     - debian/patches/debian/patches/CVE-2014-9764.patch: check for NULL.
     - CVE-2014-9764
   * SECURITY UPDATE: integer overflow leading to denial of service
     - debian/patches/debian/patches/05_CVE-2014-9771.patch: reduce
       maximum allowed image dimensions.
     - CVE-2014-9771
   * SECURITY UPDATE: denial of service due to out-of-bounds read.
     - debian/patches/debian/patches/06_CVE-2016-3993.patch: check
       boundary condition before reading array element.
     - CVE-2016-3993
   * SECURITY UPDATE: out-of-bounds read handling GIFs leading to denial
     of service or information disclosure.
     - debian/patches/debian/patches/07_CVE-2016-3994.patch: ensure
       colormap limits are honored.
     - CVE-2016-3994
   * SECURITY UPDATE: different integer overflow on 32 bit arches
     leading to a denial of service
     - debian/patches/debian/patches/08_CVE-2016-4024.patch: reduce
       allowed dimensions even further.
     - CVE-2016-4024
Checksums-Sha1: 
 a0c136b8fd7a79f26441daafb83d3147875f0c39 149900 libimlib2_1.4.6-2ubuntu0.1_armhf.deb
 ccbd6307754bdd31161428011256c0194bb7845e 145076 libimlib2-dev_1.4.6-2ubuntu0.1_armhf.deb
 166823b97ab5be03036daf4247c4bde7dfa211ff 306716 libimlib2-dbgsym_1.4.6-2ubuntu0.1_armhf.ddeb
Checksums-Sha256: 
 0f8a2a2ef983349166783d41bd0fa93bd260cd32605908692a20ce6ab6a058af 149900 libimlib2_1.4.6-2ubuntu0.1_armhf.deb
 6e4a3bbd6c242fbc162b9f998677764975eb579fa91bc0199583f8b81588f66e 145076 libimlib2-dev_1.4.6-2ubuntu0.1_armhf.deb
 da03abbdcbd66172ff4d70a1b7ff7834651c8f14c1838f92c775d0ff5db0dadf 306716 libimlib2-dbgsym_1.4.6-2ubuntu0.1_armhf.ddeb
Files: 
 315abebaf98e8fb8e1e3a4050ccd8957 149900 libs optional libimlib2_1.4.6-2ubuntu0.1_armhf.deb
 120a071124649559af773d6dded7cfc5 145076 libdevel optional libimlib2-dev_1.4.6-2ubuntu0.1_armhf.deb
 5fee98cd991b60501f6909a2ea852d6c 306716 libs extra libimlib2-dbgsym_1.4.6-2ubuntu0.1_armhf.ddeb
Original-Maintainer: Alessandro Ghedini <ghedo@debian.org>