[ubuntu/jammy-updates] libde265 1.0.8-1ubuntu0.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Thu Feb 8 14:58:09 UTC 2024
libde265 (1.0.8-1ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: denial-of-service
- debian/patches/CVE-2021-35452.patch: fix check for valid PPS idx.
- CVE-2021-35452
* SECURITY UPDATE: heap-buffer-overflow
- debian/patches/CVE-2021-36408.patch: fix streams where SPS image
size changes without refreshing PPS.
- CVE-2021-36408
* SECURITY UPDATE: heap-buffer-overflow
- debian/patches/CVE-2021-36409.patch: fix assertion when reading
invalid scaling_list.
- CVE-2021-36409
* SECURITY UPDATE: stack-buffer-overflow
- debian/patches/CVE-2021-36410.patch: fix MC with HDR chroma, but
SDR luma.
- CVE-2021-36410
* SECURITY UPDATE: read-out-of-bounds
- debian/patches/CVE-2021-36411.patch: fix reading invalid images
where shdr references are NULL in part of the image.
- CVE-2021-36411
* SECURITY UPDATE: heap-buffer-overflow
- debian/patches/CVE-2022-1253.patch: error on out-of-range
cpb_cnt_minus1.
- CVE-2022-1253
* SECURITY UPDATE: stack-buffer-overflow
- debian/patches/CVE-2022-43236.patch: check that image bit-depth
matches SPS bit depth.
- CVE-2022-43235
- CVE-2022-43236
- CVE-2022-43248
- CVE-2022-43253
* SECURITY UPDATE: stack-buffer-overflow
- debian/patches/CVE-2022-43237.patch: check that image chroma
format matches the SPS chroma format.
- CVE-2022-43237
- CVE-2022-43243
- CVE-2022-43252
* SECURITY UPDATE: read-out-of-bounds
- debian/patches/CVE-2022-43238.patch: check that image size
matches sps.
- CVE-2022-43238
- CVE-2022-43239
- CVE-2022-43240
- CVE-2022-43241
- CVE-2022-43242
Date: 2024-02-07 19:58:10.723061+00:00
Changed-By: Fabian Toepfer <fabian.toepfer at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/libde265/1.0.8-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list