[ubuntu/lunar-updates] liblouis 3.24.0-1ubuntu0.1 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Tue May 23 15:58:13 UTC 2023

liblouis (3.24.0-1ubuntu0.1) lunar-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2023-26767.patch: check the length
      of path before copying indo dataPath in
      liblouis/compileTranslationTable.c, liblouis/liblouis.h.in.
    - CVE-2023-26767
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2023-26768-1.patch: check filename before
      coping to initialLogFileName in liblouis/logging.c.
    - debian/patches/CVE-2023-26768-2.patch: replace the magic
      number with a define in liblouis/logging.c.
    - CVE-2023-26768
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2023-26769-1.patch: check path length
      before coping into tableFile in liblouis/compileTranslationTable.c.
    - debian/patches/CVE-2023-26769-2.patch: fix format in
    - debian/patches/CVE-2023-26769-3.patch: add parentheses for
      define expression in liblouis/compileTranslationTable.c.
    - CVE-2023-26769

Date: 2023-05-22 14:25:08.245106+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the lunar-changes mailing list