[ubuntu/jammy-proposed] virglrenderer 0.9.1-1~exp1ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Mon Feb 28 19:33:12 UTC 2022 

virglrenderer (0.9.1-1~exp1ubuntu2) jammy; urgency=medium

  * SECURITY UPDATE: out-of-bounds write in read_transfer_data()
    - debian/patches/CVE-2022-0135.patch: Add test to resource OOB write
      and fix it in src/vrend_renderer.c, tests/test_fuzzer_formats.c.
    - CVE-2022-0135
  * SECURITY UPDATE: info leak in vrend_resource_alloc_buffer()
    - debian/patches/CVE-2022-0175.patch: clear memory when allocating a
      host-backed memory resource in src/vrend_renderer.c,
      tests/test_virgl_transfer.c.
    - CVE-2022-0175

Date: Mon, 28 Feb 2022 14:19:07 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/virglrenderer/0.9.1-1~exp1ubuntu2
-------------- next part --------------
Format: 1.8
Date: Mon, 28 Feb 2022 14:19:07 -0500
Source: virglrenderer
Built-For-Profiles: noudeb
Architecture: source
Version: 0.9.1-1~exp1ubuntu2
Distribution: jammy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 virglrenderer (0.9.1-1~exp1ubuntu2) jammy; urgency=medium
 .
   * SECURITY UPDATE: out-of-bounds write in read_transfer_data()
     - debian/patches/CVE-2022-0135.patch: Add test to resource OOB write
       and fix it in src/vrend_renderer.c, tests/test_fuzzer_formats.c.
     - CVE-2022-0135
   * SECURITY UPDATE: info leak in vrend_resource_alloc_buffer()
     - debian/patches/CVE-2022-0175.patch: clear memory when allocating a
       host-backed memory resource in src/vrend_renderer.c,
       tests/test_virgl_transfer.c.
     - CVE-2022-0175
Checksums-Sha1:
 c5e2911a3e190adb6dcab8d65029cd6168c17eff 2255 virglrenderer_0.9.1-1~exp1ubuntu2.dsc
 447bb585b7c06a35b590d554915c4a4c90a7c6b8 9332 virglrenderer_0.9.1-1~exp1ubuntu2.debian.tar.xz
 a4b05c4e6c24e8e8ed102775257834b193d6b55c 8997 virglrenderer_0.9.1-1~exp1ubuntu2_source.buildinfo
Checksums-Sha256:
 4e2bf2fb175c7e8fe443046a1034d3a347ef2e25fdb44daf544e884e0626b680 2255 virglrenderer_0.9.1-1~exp1ubuntu2.dsc
 5ac6a2e0108ab713aecdb622df4684026e13c2f65b746c94434bc3e84194d111 9332 virglrenderer_0.9.1-1~exp1ubuntu2.debian.tar.xz
 fd4688826c4e07a86dabf1d0565d01cc09e09d34687df8b38bf1f7f7486edda7 8997 virglrenderer_0.9.1-1~exp1ubuntu2_source.buildinfo
Files:
 133d2a31e17d73abfec0437a7906a680 2255 libs optional virglrenderer_0.9.1-1~exp1ubuntu2.dsc
 68aae0865a93d1c28eafaa7ac93c76eb 9332 libs optional virglrenderer_0.9.1-1~exp1ubuntu2.debian.tar.xz
 a67a13510524394f4f8010938c7c43c6 8997 libs optional virglrenderer_0.9.1-1~exp1ubuntu2_source.buildinfo
Original-Maintainer: Gert Wollny <gewo at debian.org>

More information about the jammy-changes mailing list