-
libebml (1.3.5-2ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: heap-based out of bounds read
- debian/patches/CVE-2019-13615-1.patch: check the max size to read
before actually reading in src/EbmlElement.cpp.
- debian/patches/CVE-2019-13615-2.patch: do not output an element with
size Unknown if it's not allowed in src/EbmlElement.cpp.
- debian/patches/CVE-2019-13615-3.patch: exit the max size loop when
there's nothing left possible to find in src/EbmlElement.cpp.
- debian/patches/CVE-2019-13615-4.patch: rework the way we look at the
end boundary when looking an element in a parent in
src/EbmlElement.cpp.
- CVE-2019-13615
-- Marc Deslauriers <email address hidden> Wed, 24 Jul 2019 13:32:41 -0400
-
libebml (1.3.5-2) unstable; urgency=medium
* Re-enable changes made with 1.3.4-2 revision
and dropped by mistake in 1.3.5-1 (Closes: #870797)
-- Matteo F. Vescovi <email address hidden> Sun, 27 Aug 2017 22:25:13 +0200
-
libebml (1.3.4-2) unstable; urgency=medium
* Team upload.
* Rebuild with GCC 7 to fix FTBFS of reverse-dependencies. (Closes: #870797)
- Build-depend on gcc >= 7.
- Update shlibs to ensure rdeps pull in the new version.
* debian/compat: Use debhelper compat 10.
* debian/libebml-dev.files: Remove.
-- James Cowgill <email address hidden> Sat, 05 Aug 2017 15:54:14 -0400
