libcdio 2.0.0-2ubuntu0.2 source package in Ubuntu
Changelog
libcdio (2.0.0-2ubuntu0.2) focal-security; urgency=medium
* SECURITY UPDATE: buffer overflow
- debian/patches/CVE-2024-36600-1.patch: Allocates space for
growth and additional buffer in lib/iso9660/rock.c
- debian/patches/CVE-2024-36600-2.patch: Limits the maximum read
count to prevent an overflow in lib/driver/_cdio_stdio.c
- debian/patches/CVE-2024-36600-3.patch: Adds input validation to
unicode16_decode function in lib/udf/udf_fs.c
- debian/patches/CVE-2024-36600-4.patch: Adds bounds checking for
directory buffer size and total size calculation in
lib/iso9660/iso9660_fs.c
- debian/patches/CVE-2024-36600-5.patch: Fixes overflow in iso9660
dir read (32-bit) in lib/iso9660/iso9660_fs.c
- debian/patches/CVE-2024-36600-6.patch: Checks the validity of
i_extended_attr member in udf_get_lba() in lib/udf/udf_fs.c
- debian/patches/CVE-2024-36600-7.patch: Adds 32-bit size test
only when needed in lib/iso9660/iso9660_fs.c
- CVE-2024-36600
-- Bruce Cable <email address hidden> Mon, 24 Jun 2024 16:01:37 +1000
Upload details
- Uploaded by:
- Bruce Cable
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Focal | updates | main | libs | |
| Focal | security | main | libs |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libcdio_2.0.0.orig.tar.gz | 2.2 MiB | 1b481b5da009bea31db875805665974e2fc568e2b2afa516f4036733657cf958 |
| libcdio_2.0.0-2ubuntu0.2.debian.tar.xz | 12.9 KiB | 3a08e65142e68821a6c57d30d22e83153ca7867b71e310d75c97a2a75c9aea6c |
| libcdio_2.0.0-2ubuntu0.2.dsc | 2.0 KiB | 5e78bec3c87166fedd11e74ce7bf8a119286d55001e1dcc72724b653f4585dec |
Available diffs
Binary packages built by this source
- libcdio-dev: library to read and control CD-ROM (development files)
This package contains development files (headers and static library)
for the libcdio library.
.
This library is to encapsulate CD-ROM reading and
control. Applications wishing to be oblivious of the OS- and
device-dependant properties of a CD-ROM can use this library.
.
Some support for disk image types like BIN/CUE and NRG is available,
so applications that use this library also have the ability to read
disc images as though they were CD's.
- libcdio-utils: sample applications based on the CDIO libraries
This package contains a collection of small libcdio-based tools:
* cd-drive show CD-ROM drive characteristics
* cd-info show information about a CD or CD-image
* cd-paranoia an audio CD ripper
* cd-read read information from a CD or CD-image
* cdda-player a simple curses-based audio CD player
* iso-info show information about an ISO 9660 image
* iso-read read portions of an ISO 9660 image
* mmc-tool issue low-level commands to a CD drive
- libcdio-utils-dbgsym: debug symbols for libcdio-utils
- libcdio18: library to read and control CD-ROM
This library is to encapsulate CD-ROM reading and
control. Applications wishing to be oblivious of the OS- and
device-dependant properties of a CD-ROM can use this library.
.
Some support for disk image types like BIN/CUE and NRG is available,
so applications that use this library also have the ability to read
disc images as though they were CD's.
- libcdio18-dbgsym: debug symbols for libcdio18
- libiso9660-11: library to work with ISO9660 filesystems
This library is made to read and write ISO9660 filesystems; those
filesystems are mainly used on CDROMs.
- libiso9660-11-dbgsym: debug symbols for libiso9660-11
- libiso9660-dev: library to work with ISO9660 filesystems (development files)
This package contains development files (headers and static library)
for the libiso9660 library.
.
This library is made to read and write ISO9660 filesystems; those
filesystems are mainly used on CDROMs.
- libudf-dev: library to work with UDF filesystems (development files)
This package contains development files (headers and static library)
for the libudf library.
.
This library is made to read and write UDF filesystems; those
filesystems are mainly used on DVDs.
- libudf0: library to work with UDF filesystems
This library is made to read and write UDF filesystems; those
filesystems are mainly used on DVDs.
- libudf0-dbgsym: debug symbols for libudf0
