[ubuntu/plucky-proposed] raptor2 2.0.16-4ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Feb 25 13:35:18 UTC 2025 

raptor2 (2.0.16-4ubuntu1) plucky; urgency=medium

  * SECURITY UPDATE: heap overread when parsing triples
    - debian/patches/CVE-2024-57822.patch: only allow looking at the last
      character of a bnode ID only if bnode length >0 in
      src/raptor_ntriples.c.
    - debian/patches/CVE-2024-5782x-tests.patch: added test in
      configure.ac, tests/Makefile.am, tests/bugs/Makefile.am,
      tests/bugs/issue70b.c.
    - CVE-2024-57822
  * SECURITY UPDATE: integer overflow when normalizing a URI
    - debian/patches/CVE-2024-57823.patch: return empty buffer if path gets
      to 0 length in src/raptor_rfc2396.c.
    - debian/patches/CVE-2024-5782x-tests.patch: added test in
      configure.ac, tests/Makefile.am, tests/bugs/Makefile.am,
      tests/bugs/issue70a.c.
    - CVE-2024-57823

Date: Tue, 25 Feb 2025 07:53:56 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/raptor2/2.0.16-4ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 25 Feb 2025 07:53:56 -0500
Source: raptor2
Built-For-Profiles: noudeb
Architecture: source
Version: 2.0.16-4ubuntu1
Distribution: plucky
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 raptor2 (2.0.16-4ubuntu1) plucky; urgency=medium
 .
   * SECURITY UPDATE: heap overread when parsing triples
     - debian/patches/CVE-2024-57822.patch: only allow looking at the last
       character of a bnode ID only if bnode length >0 in
       src/raptor_ntriples.c.
     - debian/patches/CVE-2024-5782x-tests.patch: added test in
       configure.ac, tests/Makefile.am, tests/bugs/Makefile.am,
       tests/bugs/issue70b.c.
     - CVE-2024-57822
   * SECURITY UPDATE: integer overflow when normalizing a URI
     - debian/patches/CVE-2024-57823.patch: return empty buffer if path gets
       to 0 length in src/raptor_rfc2396.c.
     - debian/patches/CVE-2024-5782x-tests.patch: added test in
       configure.ac, tests/Makefile.am, tests/bugs/Makefile.am,
       tests/bugs/issue70a.c.
     - CVE-2024-57823
Checksums-Sha1:
 2e6ecd8e45d25e2d44bd8ae1fe3fe77237c3abce 2261 raptor2_2.0.16-4ubuntu1.dsc
 6cb17ff5b5866bbec71ca6ee87b3aa92a7887ddb 20624 raptor2_2.0.16-4ubuntu1.debian.tar.xz
 f6d5f7966fce936bdd5548bc9070434227970470 9838 raptor2_2.0.16-4ubuntu1_source.buildinfo
Checksums-Sha256:
 b202d5006c71cd4a90520e54301b4f7e0535c43ae5465fc3e989d7ec0fcc4ec8 2261 raptor2_2.0.16-4ubuntu1.dsc
 a6cbf2832c9a40dbe674fd33253b51dbbf3dbc87a48c433f63ca6d500c7bd07b 20624 raptor2_2.0.16-4ubuntu1.debian.tar.xz
 d98e940382fb47c32b7f8f409b1843da3d2e559dd3352481c90155ec59a4323e 9838 raptor2_2.0.16-4ubuntu1_source.buildinfo
Files:
 5e39d43d6b3d2ebe493d67d74e2539e7 2261 devel optional raptor2_2.0.16-4ubuntu1.dsc
 5f097b6d0468ad1b5baca104de244ec3 20624 devel optional raptor2_2.0.16-4ubuntu1.debian.tar.xz
 f6b905a19aa36551f774c5eeddf21cf7 9838 devel optional raptor2_2.0.16-4ubuntu1_source.buildinfo
Original-Maintainer: Debian QA Group <packages at qa.debian.org>

More information about the plucky-changes mailing list