[ubuntu/disco-updates] djvulibre (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Thu Nov 21 19:58:13 UTC 2019

djvulibre ( disco-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer overread
    - debian/patches/CVE-2019-15142.patch: add checks to
    - CVE-2019-15142
  * SECURITY UPDATE: infinite loop in bitmap reader
    - debian/patches/CVE-2019-15143.patch: check return code in
      libdjvu/GBitmap.cpp, libdjvu/DjVmDir.cpp.
    - CVE-2019-15143
  * SECURITY UPDATE: uncontrolled recursion in sorting
    - debian/patches/CVE-2019-15144.patch: fix logic in
    - CVE-2019-15144
  * SECURITY UPDATE: out of bounds read
    - debian/patches/CVE-2019-15145.patch: check bytes in
    - CVE-2019-15145
  * SECURITY UPDATE: NULL pointer dereference in DJVU::filter_fv
    - debian/patches/CVE-2019-18804.patch: add extra checks to
      libdjvu/IW44EncodeCodec.cpp, tools/ddjvu.cpp.
    - CVE-2019-18804

Date: 2019-11-20 16:00:27.174307+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Disco-changes mailing list