[ubuntu/trusty-security] jbig2dec 0.11+20120125-1ubuntu1.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed May 24 11:21:30 UTC 2017


jbig2dec (0.11+20120125-1ubuntu1.1) trusty-security; urgency=medium

  * SECURITY UPDATE: integer overflow in jbig2_image_new
    - debian/patches/CVE-2016-9601-pre*.patch: backport misc fixes.
    - debian/patches/CVE-2016-9601-1.patch: fix signed/unsigned warnings in
      jbig2.c, jbig2.h, jbig2_generic.c, jbig2_halftone.c, jbig2_huffman.c,
      jbig2_huffman.h, jbig2_image.c, jbig2_mmr.c, jbig2_page.c,
      jbig2_priv.h, jbig2_segment.c, jbig2_symbol_dict.c,
      jbig2_symbol_dict.h, jbig2_text.c, jbig2_text.h.
    - debian/patches/CVE-2016-9601-2.patch: fix warnings in jbig2_image.c,
      jbig2_mmr.c, jbig2_symbol_dict.c.
    - CVE-2016-9601
  * SECURITY UPDATE: integer overflow in big2_decode_symbol_dict
    - debian/patches/CVE-2017-7885.patch: add extra check to
      jbig2_symbol_dict.c.
    - CVE-2017-7885
  * SECURITY UPDATE: integer overflow in jbig2_build_huffman_table
    - debian/patches/CVE-2017-7975.patch: use uint32_t in jbig2_huffman.c.
    - CVE-2017-7975
  * SECURITY UPDATE: integer overflow in jbig2_image_compose
    - debian/patches/CVE-2017-7976.patch: add bounds check to
      jbig2_image.c.
    - CVE-2017-7976

Date: 2017-05-19 14:28:14.724787+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/jbig2dec/0.11+20120125-1ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list