[ubuntu/focal-updates] tidy-html5 2:5.6.0-11ubuntu0.20.04.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Wed Nov 15 14:58:17 UTC 2023
tidy-html5 (2:5.6.0-11ubuntu0.20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: arbitrary code exec via recursive parsing
- debian/patches/CVE-2021-33391-pre1.patch: introduce stack functions
in src/lexer.c, src/lexer.h.
- debian/patches/CVE-2021-33391.patch: refactor the recursion into a
loop with a heap-based stack in src/gdoc.c.
- CVE-2021-33391
Date: 2023-11-10 10:08:09.967071+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/tidy-html5/2:5.6.0-11ubuntu0.20.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list