[ubuntu/mantic-proposed] liblouis 3.24.0-2 (Accepted)
Jeremy Bícha
jeremy.bicha at canonical.com
Fri Jun 2 22:46:55 UTC 2023
liblouis (3.24.0-2) unstable; urgency=high
* Team upload
* SECURITY UPDATE: Denial of service (Closes: #1033202)
- debian/patches/CVE-2023-26767.patch: check the length
of path before copying into dataPath in
liblouis/compileTranslationTable.c, liblouis/liblouis.h.in.
- CVE-2023-26767
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2023-26768-1.patch: check filename before
coping to initialLogFileName in liblouis/logging.c.
- debian/patches/CVE-2023-26768-2.patch: replace the magic
number with a define in liblouis/logging.c.
- CVE-2023-26768
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2023-26769-1.patch: check path length
before coping into tableFile in liblouis/compileTranslationTable.c.
- debian/patches/CVE-2023-26769-2.patch: fix format in
liblouis/compileTranslationTable.c.
- debian/patches/CVE-2023-26769-3.patch: add parentheses for
define expression in liblouis/compileTranslationTable.c.
- CVE-2023-26769
Date: 2023-06-02 22:27:19.199544+00:00
Signed-By: Jeremy Bícha <jeremy.bicha at canonical.com>
https://launchpad.net/ubuntu/+source/liblouis/3.24.0-2
-------------- next part --------------
Sorry, changesfile not available.
More information about the mantic-changes
mailing list