[ubuntu/xenial-security] libebml 1.3.3-1ubuntu0.1 (Accepted)

Marc Deslauriers Thu, 25 Jul 2019 06:02:00 -0700

libebml (1.3.3-1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: heap-based out of bounds read
    - debian/patches/CVE-2019-13615-1.patch: check the max size to read
      before actually reading in src/EbmlElement.cpp.
    - debian/patches/CVE-2019-13615-2.patch: do not output an element with
      size Unknown if it's not allowed in src/EbmlElement.cpp.
    - debian/patches/CVE-2019-13615-3.patch: exit the max size loop when
      there's nothing left possible to find in src/EbmlElement.cpp.
    - debian/patches/CVE-2019-13615-4.patch: rework the way we look at the
      end boundary when looking an element in a parent in
      src/EbmlElement.cpp.
    - CVE-2019-13615


Date: 2019-07-24 18:09:13.562467+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/libebml/1.3.3-1ubuntu0.1

Sorry, changesfile not available.

-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] libebml 1.3.3-1ubuntu0.1 (Accepted)

Reply via email to