[ubuntu/hirsute-updates] djvulibre 3.5.28-1ubuntu0.1 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Mon May 17 17:28:35 UTC 2021


djvulibre (3.5.28-1ubuntu0.1) hirsute-security; urgency=medium

  * SECURITY UPDATE: Stack overflow
    - debian/patches/CVE-2021-3500.patch: prevent recursion in
      libdjvu/DjVuPort.cpp, libdjvu/DjVuPort.h.
    - CVE-2021-3500
  * SECURITY UPDATE: Out of bounds write
    - debian/patches/CVE-2021-32490.patch: add checks to
      libdjvu/IW44Image.cpp.
    - CVE-2021-32490
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2021-32491.patch: check for overflow in
      tools/ddjvu.cpp.
    - CVE-2021-32491
  * SECURITY UPDATE: Out of bounds read
    - debian/patches/CVE-2021-32492.patch: check pool in
      libdjvu/DataPool.cpp.
    - CVE-2021-32492
  * SECURITY UPDATE: Heap buffer overflow
    - debian/patches/CVE-2021-32493.patch: check row size in
      libdjvu/GBitmap.cpp.
    - CVE-2021-32493

Date: 2021-05-17 13:50:27.111405+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/djvulibre/3.5.28-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Hirsute-changes mailing list