[ubuntu/hirsute-proposed] libmaxminddb 1.4.2-0ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed Nov 11 18:24:14 UTC 2020 

libmaxminddb (1.4.2-0ubuntu2) hirsute; urgency=medium

  * SECURITY UPDATE: heap overread in dump_entry_data_list
    - debian/patches/CVE-2020-28241.patch: replace most malloc uses with
      calloc in bin/mmdblookup.c, doc/libmaxminddb.md, src/maxminddb.c.
    - CVE-2020-28241

Date: Wed, 11 Nov 2020 13:01:07 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/libmaxminddb/1.4.2-0ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 11 Nov 2020 13:01:07 -0500
Source: libmaxminddb
Architecture: source
Version: 1.4.2-0ubuntu2
Distribution: hirsute
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 libmaxminddb (1.4.2-0ubuntu2) hirsute; urgency=medium
 .
   * SECURITY UPDATE: heap overread in dump_entry_data_list
     - debian/patches/CVE-2020-28241.patch: replace most malloc uses with
       calloc in bin/mmdblookup.c, doc/libmaxminddb.md, src/maxminddb.c.
     - CVE-2020-28241
Checksums-Sha1:
 792f76cd8ae952c74a3bb9f518427e346dcf4445 2209 libmaxminddb_1.4.2-0ubuntu2.dsc
 c3d5263891e5188b63cbb1145ed65bfb0fb84584 7108 libmaxminddb_1.4.2-0ubuntu2.debian.tar.xz
 e5fd4ada0f306e00e180560fcb5080f2a533caca 6277 libmaxminddb_1.4.2-0ubuntu2_source.buildinfo
Checksums-Sha256:
 a2fd2b132d1166c01679a6215b51533fd07bb2f330e37ce0c60e76f3a1846113 2209 libmaxminddb_1.4.2-0ubuntu2.dsc
 3dff17c538899a3329de91e3609ba9e35331587122d2d6f815c71729a6592322 7108 libmaxminddb_1.4.2-0ubuntu2.debian.tar.xz
 43b3355792668225ef1fb7a7792065fba2bda1611924ddc15429036cf4aabadc 6277 libmaxminddb_1.4.2-0ubuntu2_source.buildinfo
Files:
 cc34fa3f4379490c5f6c8d5ad6aeb6c1 2209 net optional libmaxminddb_1.4.2-0ubuntu2.dsc
 68c92508c30913644359a4ed31abd0ce 7108 net optional libmaxminddb_1.4.2-0ubuntu2.debian.tar.xz
 67032e1beaef8c2c20f2366c78d78c12 6277 net optional libmaxminddb_1.4.2-0ubuntu2_source.buildinfo
Original-Maintainer: Faidon Liambotis <paravoid at debian.org>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl+sK7gACgkQZWnYVadE
vpPVZw//XwGhjBvdT9Xs/jmQ3jQjQe/jx/pNiQ08Ug7wufIB7jiFYzyLXIjoF/Cz
/w81svnRzkUkS4y+yOevLPDeMIharSVK3FG6pJucNWO9HH+kLWDn6hBejElTe6o5
OXwkuajVKkhGq4aOObj02MwsMe6XQQ6P2g1Q9mI4SNXNOyGBSzSQ7B/5Nk/TflBu
KO7eIKFSlTEd6l1VSjeFQ615UGYaTXUGH0dcNPPpsrbZbWSAFVoudBr15VZBSldy
3tU1sVTJ7UeKDCgsNjrm4o03TxWxleO3lRlupmrxCD2wGNArqSPDzOgMRGImYfmX
E4IU02neRE/HW2ZlAP87sDo5TQFa1ohKVKXgcBKJTXHAbAPQEtgyWgIkT5LryNwl
81oj8RSeAQyk7E3xnE48k03KOipNukl7bfFQVfuHC9151oG4KqvRmrkAx12T8isx
kTHxKZg9mSdgwwlckRte6c//slAqYWysLBAsYomq3uI96pRDiSxSjp4mcJJriSU/
/fRHkrLdFZCM2IgZmy89wqh3r/kZjFmHnf92ejQ1pKrT4BOcO1r9hcsHzfojPTgG
ZOXRssoStjCcCcmVO9D+IG+63LxQ7cBh0V87vBZ3Pj6gBnn2dcMkS7qtlZMpARXU
FS/GvGa8NtgRnA4MeI6xbJ/qIbyLpp24sSr3Xhwiu9xDm3VPtoE=
=0fwc
-----END PGP SIGNATURE-----

More information about the Hirsute-changes mailing list