[ubuntu/trusty-security] capnproto 0.4.0-1ubuntu2.1 (Accepted)
Eduardo dos Santos Barretto
eduardo.barretto at canonical.com
Tue Jul 31 18:14:27 UTC 2018
capnproto (0.4.0-1ubuntu2.1) trusty-security; urgency=medium
* SECURITY UPDATE: Integer overflow in pointer validation.
- debian/patches/CVE-2015-2310.patch: fix in src/capnp/layout.c++
- CVE-2015-2310
* SECURITY UPDATE: Integer underflow in pointer validation.
- debian/patches/CVE-2015-2311.patch: fix in src/capnp/layout.c++
- CVE-2015-2311
* SECURITY UPDATE: CPU usage amplification attack.
- debian/patches/CVE-2015-2312.patch: fix in src/capnp/arena.h,
src/capnp/encoding-test.c++ and src/capnp/layout.c++
- CVE-2015-2312
* SECURITY UPDATE: CPU additional CPU amplification case.
- debian/patches/CVE-2015-2313.patch: fix in src/capnp/layout.c++
and src/capnp/encoding-test.c++
- CVE-2015-2313
* SECURITY UPDATE: Prevent compiler from eliding bounds checks.
- debian/patches/CVE-2017-7892.patch: fix in src/capnp/arena.h
- CVE-2017-7892
Date: 2018-07-31 12:57:18.048380+00:00
Changed-By: Eduardo dos Santos Barretto <eduardo.barretto at canonical.com>
https://launchpad.net/ubuntu/+source/capnproto/0.4.0-1ubuntu2.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list