Univention Bugzilla – Bug 55396
pixman: Multiple issues (5.0)
Last modified: 2022-11-09 17:41:36 CET
New Debian pixman 0.36.0-1+deb10u1 fixes:

This update addresses the following issue:
* Integer overflow in pixman_sample_floor_y leading to heap out-of-bounds write (CVE-2022-44638)
--- mirror/ftp/pool/main/p/pixman/pixman_0.36.0-1.dsc +++ apt/ucs_5.0-0-errata5.0-2/source/pixman_0.36.0-1+deb10u1.dsc @@ -1,3 +1,12 @@ +0.36.0-1+deb10u1 [Mon, 07 Nov 2022 10:59:27 +0000] Chris Lamb <lamby@debian.org>: + + * Non-maintainer upload by the LTS team. + * CVE-2022-44638: Prevent out-of-bounds write (aka heap-based buffer + overflow) in the rasterize_edges_8 function due to an integer overflow in + pixman_sample_floor_y. (Closes: #1023427) + * Add debian/.gitlab-ci.yml. + * Refresh debian/patches/test-increase-timeout.diff. + 0.36.0-1 [Wed, 12 Dec 2018 22:02:44 +0100] Andreas Boll <aboll@debian.org>: * New upstream release. <http://piuparts.knut.univention.de/5.0-2/#7362500911672940316>
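Review bot: In the added 0.36.0-1+deb10u1 stanza, the CVE-2022-44638 item names the affected functions (rasterize_edges_8, pixman_sample_floor_y) but not the patch file or upstream commit that carries the fix, so the change cannot be traced from the changelog alone; add that reference to the item. The same security upload also adds debian/.gitlab-ci.yml and refreshes debian/patches/test-increase-timeout.diff, so confirm that neither changes the built packages, since the erratum text lists only the CVE fix.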
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts
<https://errata.software-univention.de/#/?erratum=5.0x477>