[ubuntu/noble-proposed] tidy-html5 2:5.6.0-11ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Fri Nov 10 09:17:13 UTC 2023 

tidy-html5 (2:5.6.0-11ubuntu1) noble; urgency=medium

  * SECURITY UPDATE: arbitrary code exec via recursive parsing
    - debian/patches/CVE-2021-33391-pre1.patch: introduce stack functions
      in src/lexer.c, src/lexer.h.
    - debian/patches/CVE-2021-33391.patch: refactor the recursion into a
      loop with a heap-based stack in src/gdoc.c.
    - CVE-2021-33391

Date: Fri, 10 Nov 2023 10:57:54 +0200
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/tidy-html5/2:5.6.0-11ubuntu1
-------------- next part --------------
Format: 1.8
Date: Fri, 10 Nov 2023 10:57:54 +0200
Source: tidy-html5
Built-For-Profiles: noudeb
Architecture: source
Version: 2:5.6.0-11ubuntu1
Distribution: noble
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 tidy-html5 (2:5.6.0-11ubuntu1) noble; urgency=medium
 .
   * SECURITY UPDATE: arbitrary code exec via recursive parsing
     - debian/patches/CVE-2021-33391-pre1.patch: introduce stack functions
       in src/lexer.c, src/lexer.h.
     - debian/patches/CVE-2021-33391.patch: refactor the recursion into a
       loop with a heap-based stack in src/gdoc.c.
     - CVE-2021-33391
Checksums-Sha1:
 43a611e63afb7a7accb956bac48de90a1d238e35 2155 tidy-html5_5.6.0-11ubuntu1.dsc
 f1c129a046b9835391657e99ef2898e1809c4f5d 22200 tidy-html5_5.6.0-11ubuntu1.debian.tar.xz
 3cef26c8599f46cc96b7ecdae5305dbc607cec1b 6992 tidy-html5_5.6.0-11ubuntu1_source.buildinfo
Checksums-Sha256:
 1aab6910f552eb6b5730e7a9f40f1a5884bb0cb126bd41e2862cdf3ae41ade6a 2155 tidy-html5_5.6.0-11ubuntu1.dsc
 5673b84982bbe75e3f71dad35a5a947a35077d000429df11f352acfc946ab7e7 22200 tidy-html5_5.6.0-11ubuntu1.debian.tar.xz
 36d0a36707b455c16e5d51ffe4fd84502f3b5ff79538f88412e94e5ffc56d56f 6992 tidy-html5_5.6.0-11ubuntu1_source.buildinfo
Files:
 9feb25964f7c47ba6306e49eb65e879f 2155 web optional tidy-html5_5.6.0-11ubuntu1.dsc
 0c7685261a834ef7eb15f2810017f1fc 22200 web optional tidy-html5_5.6.0-11ubuntu1.debian.tar.xz
 02af7512c260f59dee7a5c4350b99eab 6992 web optional tidy-html5_5.6.0-11ubuntu1_source.buildinfo
Original-Maintainer: Tidy HTML5 <tidy-html5 at packages.debian.org>

More information about the noble-changes mailing list