[ubuntu/groovy-proposed] whoopsie 0.2.71 (Accepted)
Brian Murray
brian at ubuntu.com
Wed Aug 5 22:02:12 UTC 2020
whoopsie (0.2.71) groovy; urgency=medium
[ Marc Deslauriers ]
* SECURITY UPDATE: integer overflow in bson parsing (LP: #1872560)
- lib/bson/*: updated to latest upstream release.
- CVE-2020-12135
* SECURITY UPDATE: resource exhaustion via memory leak (LP: #1881982)
- src/whoopsie.c, src/tests/test_parse_report.c: properly handle
GHashTable.
- CVE-2020-11937
* SECURITY UPDATE: DoS via large data length (LP: #1882180)
- src/whoopsie.c, src/whoopsie.h, src/tests/test_parse_report.c: limit
the size of a report file.
- CVE-2020-15570
Date: Wed, 05 Aug 2020 15:00:45 -0700
Changed-By: Brian Murray <brian at ubuntu.com>
Maintainer: Evan Dandrea <ev at ubuntu.com>
https://launchpad.net/ubuntu/+source/whoopsie/0.2.71
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 05 Aug 2020 15:00:45 -0700
Source: whoopsie
Architecture: source
Version: 0.2.71
Distribution: groovy
Urgency: medium
Maintainer: Evan Dandrea <ev at ubuntu.com>
Changed-By: Brian Murray <brian at ubuntu.com>
Launchpad-Bugs-Fixed: 1872560 1881982 1882180
Changes:
whoopsie (0.2.71) groovy; urgency=medium
.
[ Marc Deslauriers ]
* SECURITY UPDATE: integer overflow in bson parsing (LP: #1872560)
- lib/bson/*: updated to latest upstream release.
- CVE-2020-12135
* SECURITY UPDATE: resource exhaustion via memory leak (LP: #1881982)
- src/whoopsie.c, src/tests/test_parse_report.c: properly handle
GHashTable.
- CVE-2020-11937
* SECURITY UPDATE: DoS via large data length (LP: #1882180)
- src/whoopsie.c, src/whoopsie.h, src/tests/test_parse_report.c: limit
the size of a report file.
- CVE-2020-15570
Checksums-Sha1:
5f416fe8850c47a18a0381fdb8f7a59c176fe92d 1787 whoopsie_0.2.71.dsc
aa1e087650c10e86393944798123281752584271 65148 whoopsie_0.2.71.tar.xz
999f788a08c3c3888b722a49253ca35fa4d3f424 15639 whoopsie_0.2.71_source.buildinfo
Checksums-Sha256:
bc1e3e3d1f08ff7a38f84771d362d36a9c01bfa5cfc0a6313b5bf82ac7c70456 1787 whoopsie_0.2.71.dsc
14b46f5957e63109b5c0c08f049f3bebd2fe970fcda3f8ca5642e417cf589264 65148 whoopsie_0.2.71.tar.xz
f1c115afd21b1638f19da24b4e6c075a04ed112d0198e35ea99c62c344d092f0 15639 whoopsie_0.2.71_source.buildinfo
Files:
54d04c9269755716bb838b31ff13880e 1787 utils optional whoopsie_0.2.71.dsc
4239855b4c0274909a6396e15889b566 65148 utils optional whoopsie_0.2.71.tar.xz
e0aa633c5aa252444a2e3f28d2d8293b 15639 utils optional whoopsie_0.2.71_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEfS610FljvwXMts5kHpGLZnZbPjEFAl8rLCgACgkQHpGLZnZb
PjE7fxAAjAQhiJDQqn3p5CLsrROEvmizTnUR2DpPzdpJS1sD6ygdwqefL5fB1OMu
G1hrs/5vPhhz1Kgif0FysfINg/+YTxnM6Coc/ulPCQ+SkfMwEsSdz1pyZKBUx16c
BVO+oMHjE9Ezy8TYXxVoit6E2uAWQEAIpelU5rCNJWZWAVahxGZzWsVgjzI6rooa
GiuTRswByGIbo+Yakwcjt4VgEl5yZN8Z6+gpAQ0cO8T1zQVx4DKDr5YLzEyWW66a
j5ZUaDhLXIYnS3DlHZkl78TfcootIbE1ZupOW2FYO1yJLYOJVZJG59Kgcq8cGYXF
0Jw3YRk4nQnqK00mUunfVS72VlLeiM4WpEe2wQW3aYbmcqJIV2NnNC5vhmsr3Yhk
rO2jSmZCihNjoUP+E/f3dk0ucOIdfkIVnpj2nbUo2S0NXAp8a+Ly8VGEnP+pcAYt
LI4ky9tBRPDFkAyR2JLBvUgh58UUdqxwDmPhFtEWjnjjCD0ifcC8wgW+ukHkYPz1
bYwo8suhwIw9qdLWhcN5nSJGq+l55atryxu80g/cfkcGOYpYzr0gdj/nL9xITRac
sjKdEpzQhQqNWBmLUnPkwMBqg0WrzZvkhEonaRxOx8VeAoDvNoUMlvMuoZTzqxff
5VB/3aPl4IDkeQkzO2hmZl8WyY+PXtASkgVLMGDD8rXv5yOC7qQ=
=IWL8
-----END PGP SIGNATURE-----
More information about the Groovy-changes
mailing list