[sylpheed:33774] Sylpheed 3.0.1 released (security release)

Hiroyuki Yamamoto hiro-y at kcn.ne.jp
Wed Mar 17 13:53:19 JST 2010


Sylpheed 3.0.1 (3.0.1-win32) has been released.


In this release libpng and libtiff, image libraries included in Windows
version, were updated to libpng 1.2.43 and libtiff 3.9.2. This fixes
many security issues. The users of Windows version are recommended to
update as soon as possible.

If you want to keep using the older version, overwrite the existent
files with libpng13.dll and libtiff3.dll in the following file.


Refer to libpng web site [1], CVE-2009-1932, CVE-2009-2042,
CVE-2010-0205 for the details of libpng vulnerability. Refer to libtiff
web site [2], CVE-2008-2327, CVE-2009-2285, CVE-2009-2347 for the
details of libtiff vulnerability.

Other changes

    * Several typos in some dialogs were fixed.
    * The Japanese manual was updated.

[1] http://www.libpng.org/pub/png/libpng.html
[2] http://www.remotesensing.org/libtiff/

Hiroyuki Yamamoto <hiro-y at kcn.ne.jp>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.sraoss.jp/pipermail/sylpheed/attachments/20100317/3751b03c/attachment.bin 

More information about the Sylpheed mailing list