[ubuntu/xenial-security] jbig2dec 0.12+20150918-1ubuntu0.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed May 24 11:21:30 UTC 2017
jbig2dec (0.12+20150918-1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: integer overflow in jbig2_image_new
- debian/patches/CVE-2016-9601-pre.patch: prevent checking too early in
jbig2.c.
- debian/patches/CVE-2016-9601-1.patch: fix signed/unsigned warnings in
jbig2.c, jbig2.h, jbig2_generic.c, jbig2_halftone.c, jbig2_huffman.c,
jbig2_huffman.h, jbig2_image.c, jbig2_mmr.c, jbig2_page.c,
jbig2_priv.h, jbig2_segment.c, jbig2_symbol_dict.c,
jbig2_symbol_dict.h, jbig2_text.c, jbig2_text.h.
- debian/patches/CVE-2016-9601-2.patch: fix warnings in jbig2_image.c,
jbig2_mmr.c, jbig2_symbol_dict.c.
- CVE-2016-9601
* SECURITY UPDATE: integer overflow in big2_decode_symbol_dict
- debian/patches/CVE-2017-7885.patch: add extra check to
jbig2_symbol_dict.c.
- CVE-2017-7885
* SECURITY UPDATE: integer overflow in jbig2_build_huffman_table
- debian/patches/CVE-2017-7975.patch: use uint32_t in jbig2_huffman.c.
- CVE-2017-7975
* SECURITY UPDATE: integer overflow in jbig2_image_compose
- debian/patches/CVE-2017-7976.patch: add bounds check to
jbig2_image.c.
- CVE-2017-7976
Date: 2017-05-19 14:00:37.082174+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/jbig2dec/0.12+20150918-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list