[ubuntu/bionic-updates] sane-backends 1.0.27-1~experimental3ubuntu2.3 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Aug 24 13:28:28 UTC 2020
sane-backends (1.0.27-1~experimental3ubuntu2.3) bionic-security; urgency=medium
* SECURITY UPDATE: multiple issues in epsonds network discovery
- debian/patches/CVE-2020-12861_12864_12866.patch: disable network
autodiscovery in backend/epsonds.conf.in.
- CVE-2020-12861
- CVE-2020-12864
- CVE-2020-12866
* SECURITY UPDATE: out-of-bounds read in epsonds
- debian/patches/CVE-2020-12862.patch: do not read beyond the end of
the token in backend/epsonds-cmd.c.
- CVE-2020-12862
* SECURITY UPDATE: out-of-bounds read in epsonds
- debian/patches/CVE-2020-12863.patch: read only up to seven hexdigits
to determine payload size in backend/epsonds-cmd.c.
- CVE-2020-12863
* SECURITY UPDATE: heap buffer overflow in epsonds
- debian/patches/CVE-2020-12865.patch: check for overflow when reading
image data in backend/epsonds-cmd.c, backend/epsonds.c,
backend/epsonds.h.
- CVE-2020-12865
* SECURITY UPDATE: NULL pointer dereference in epson2
- debian/patches/CVE-2020-12867.patch: rewrite network I/O in
backend/epson2_net.c, backend/epson2_net.h.
- CVE-2020-12867
Date: 2020-08-21 15:53:31.814940+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/sane-backends/1.0.27-1~experimental3ubuntu2.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list