[SECURITY] Fedora 10 Update: ocaml-camlimages-3.0.1-3.fc10.3
updates at fedoraproject.org
updates at fedoraproject.org
Tue Nov 10 17:48:14 UTC 2009
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-10568
2009-10-21 00:07:41
--------------------------------------------------------------------------------
Name : ocaml-camlimages
Product : Fedora 10
Version : 3.0.1
Release : 3.fc10.3
URL : http://gallium.inria.fr/camlimages/
Summary : OCaml image processing library
Description :
CamlImages is an image processing library for Objective CAML, which provides:
basic functions for image processing and loading/saving, various image file
formats (hence providing a translation facility from format to format),
and an interface with the Caml graphics library allows to display images
in the Graphics module screen and to mix them with Caml drawings
In addition, the library can handle huge images that cannot be (or can hardly
be) stored into the main memory (the library then automatically creates swap
files and escapes them to reduce the memory usage).
--------------------------------------------------------------------------------
Update Information:
Fix handling of oversized TIFF images.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 16 2009 Richard W.M. Jones <rjones at redhat.com> - 3.0.1-3.fc10.3
- ocaml-camlimages: TIFF reader multiple integer overflows
(CVE 2009-3296 / RHBZ#528732).
* Fri Jul 3 2009 Richard W.M. Jones <rjones at redhat.com> - 3.0.1-3.fc10.2
- ocaml-camlimages: PNG reader multiple integer overflows
(CVE 2009-2295 / RHBZ#509531).
* Mon Nov 3 2008 Richard W.M. Jones <rjones at redhat.com> - 3.0.1-3
- +BR gtk2-devel.
- +BR ocaml-x11.
* Mon Nov 3 2008 Richard W.M. Jones <rjones at redhat.com> - 3.0.1-1
- Home page moved (fixes rhbz 468158).
- New upstream version 3.0.1 and multiple build fixes for this.
- License is really LGPLv2 with the OCaml linking exception.
- Removed the DESTDIR patch.
- Build tiff support.
- Run it through rpmlint and fix all problems.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #528732 - CVE-2009-3296 ocaml-camlimages: TIFF reader multiple integer overflows
https://bugzilla.redhat.com/show_bug.cgi?id=528732
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update ocaml-camlimages' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the Fedora-package-announce
mailing list