[ubuntu/jammy-updates] libde265 1.0.8-1ubuntu0.2 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Mon Feb 26 19:58:27 UTC 2024

libde265 (1.0.8-1ubuntu0.2) jammy-security; urgency=medium

  * SECURITY UPDATE: read-out-of-bounds
    - debian/patches/CVE-2022-43245.patch: fix illegal table access
      when input pixel is out of range.
    - CVE-2022-43245
  * SECURITY UPDATE: heap-buffer-overflow
    - debian/patches/CVE-2022-43249.patch: checking in MC whether
      bit-depths match.
    - CVE-2022-43244
    - CVE-2022-43249
    - CVE-2022-43250
  * SECURITY UPDATE: heap-buffer-overflow
    - debian/patches/CVE-2022-47665.patch: image's ctb_info has to be
      reallocated also when dimensions change even if total number of
      CTBs stays the same.
    - CVE-2022-47665
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2023-24751.patch: another MC fix for
      monochroma images.
    - CVE-2023-24751
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2023-24752.patch: another MC fix for
      monochroma images.
    - CVE-2023-24752
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2023-24754.patch: fix for monochrome MC.
    - CVE-2023-24754
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2023-24755.patch: fix for monochrome MC.
    - CVE-2023-24755
    - CVE-2023-24756
    - CVE-2023-24757
    - CVE-2023-24758
  * SECURITY UPDATE: heap-buffer-overflow
    - debian/patches/CVE-2023-25221.patch: check for invalid refIdx.
    - CVE-2023-25221
  * Add patches:
    - debian/patches/mc-for-mono-images.patch

Date: 2024-02-14 20:18:10.076019+00:00
Changed-By: Fabian Toepfer <fabian.toepfer at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the jammy-changes mailing list