[ubuntu/noble-updates] libmobi 0.11+dfsg-1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Sat Mar 30 00:22:41 UTC 2024
libmobi (0.11+dfsg-1) unstable; urgency=medium
* New upstream release.
* fixed multiple buffer over-reads and null pointer dereferences that can be
triggered with crafted input. The security impact of these bugs is low,
they can cause crashes. These bugs were identified by extensive fuzzing by
various researchers: jimoyong, dupingxin (NSFOCUS Tianji Lab), jieyongma
(TDHX ICS Security), cnitlrt, beidasoft-cobot-oss-fuzz, han0nly.
Some of these vulnerabilities has been assigned CVEs:
CVE-2022-1533, CVE-2022-1534, CVE-2022-1907, CVE-2022-1908.
* fixed potential leak in dictionary parsing on corrupt data
* improved portability of encryption key generation
* updated Xcode and MSVC projects
Date: 2022-05-29 04:34:18.851416+00:00
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/libmobi/0.11+dfsg-1
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list