Ubuntu
flightcrew package

flightcrew 0.7.2+dfsg-12ubuntu0.1 source package in Ubuntu

Changelog

flightcrew (0.7.2+dfsg-12ubuntu0.1) cosmic-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference (DoS) when processing crafted
    EPUB file
    - debian/patches/CVE-2019-13032-1.patch: prevent segfault from malformed
      opf items in GetRelativePathToNcx()
    - debian/patches/CVE-2019-13032-2.patch: prevent segfault from malformed
      opf items in GetRelativePathsToXhtmlDocuments()
    - CVE-2019-13032
  * SECURITY UPDATE: Zip Slip directory traversal when processing a crafted
    EPUB file
    - debian/patches/CVE-2019-13241-1.patch: try to make extracting epbs safer
    - debian/patches/CVE-2019-13241-2.patch: further harden zip extraction to
      always be safe
    - debian/patches/CVE-2019-13241-3.patch: harden further by throwing
      exception
    - CVE-2019-13241
  * SECURITY UPDATE: Infinite loop leading to DoS and resource consumption
    - debian/patches/CVE-2019-13453.patch: Prevent infinite loop in zipios
      library by checking for EOF
    - CVE-2019-13453

 -- Mike Salvatore <email address hidden>  Mon, 01 Jul 2019 09:29:13 -0400

Upload details

Uploaded by:
Mike Salvatore
Uploaded to:
Cosmic
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
text
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
flightcrew_0.7.2+dfsg.orig.tar.gz 498.9 KiB e65a3f639fd601c008b1e1f4c434098dbb1628839a6f8614a3b69d47aa057d1d
flightcrew_0.7.2+dfsg-12ubuntu0.1.debian.tar.xz 11.5 KiB b8f79bc53ed208647ceebac71e59ddd348a73da3c214353ea07ab2bd800b3f9f
flightcrew_0.7.2+dfsg-12ubuntu0.1.dsc 2.3 KiB e7ca14305a12d09aca965b274717a6c1d4ee482dca7f15b176c292e48af2ab84

View changes file

Binary packages built by this source

flightcrew: No summary available for flightcrew in ubuntu cosmic.

No description available for flightcrew in ubuntu cosmic.

flightcrew-dbgsym: No summary available for flightcrew-dbgsym in ubuntu cosmic.

No description available for flightcrew-dbgsym in ubuntu cosmic.

libflightcrew-dev: No summary available for libflightcrew-dev in ubuntu cosmic.

No description available for libflightcrew-dev in ubuntu cosmic.

libflightcrew0v5: No summary available for libflightcrew0v5 in ubuntu cosmic.

No description available for libflightcrew0v5 in ubuntu cosmic.

libflightcrew0v5-dbgsym: No summary available for libflightcrew0v5-dbgsym in ubuntu cosmic.

No description available for libflightcrew0v5-dbgsym in ubuntu cosmic.