[ubuntu/xenial-security] libquicktime 2:1.2.4-7+deb8u1ubuntu0.1 (Accepted)

Mike Salvatore mike.salvatore at canonical.com
Wed Sep 23 16:04:12 UTC 2020

libquicktime (2:1.2.4-7+deb8u1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS caused by infinite loop, heap-based buffer
    over-read/write, and null ptr dereference
    - debian/patches/CVE-2017-9122-9218.patch: Add some sanity checks and
      adjust integer types to avoid memory handling errors.
    - CVE-2017-9122
    - CVE-2017-9123
    - CVE-2017-9124
    - CVE-2017-9125
    - CVE-2017-9126
    - CVE-2017-9127
    - CVE-2017-9128

Date: 2020-09-23 15:33:13.018023+00:00
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Xenial-changes mailing list