[ubuntu/bionic-security] liblouis 3.5.0-1ubuntu0.5 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Tue Apr 4 15:06:37 UTC 2023
liblouis (3.5.0-1ubuntu0.5) bionic-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2023-26767.patch: check the length
of path before copying indo dataPath in
liblouis/compileTranslationTable.c, liblouis/liblouis.h.in.
- CVE-2023-26767
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2023-26768-1.patch: check filename before
coping to initialLogFileName in liblouis/logging.c.
- debian/patches/CVE-2023-26768-2.patch: replace the magic
number with a define in liblouis/logging.c.
- CVE-2023-26768
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2023-26769-1.patch: check path length
before coping into tableFile in liblouis/compileTranslationTable.c.
- debian/patches/CVE-2023-26769-2.patch: fix format in
liblouis/compileTranslationTable.c.
- debian/patches/CVE-2023-26769-3.patch: add parentheses for
define expression in liblouis/compileTranslationTable.c.
- CVE-2023-26769
Date: 2023-03-27 13:39:08.718739+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/liblouis/3.5.0-1ubuntu0.5
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list