-
djvulibre (3.5.27.1-5ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: heap-based buffer overread
- debian/patches/CVE-2019-15142-pre1.patch: fix lengths in
libdjvu/DjVmDir.cpp, libdjvu/miniexp.cpp, tools/csepdjvu.cpp.
- debian/patches/CVE-2019-15142.patch: add checks to
libdjvu/DjVmDir.cpp.
- CVE-2019-15142
* SECURITY UPDATE: infinite loop in bitmap reader
- debian/patches/CVE-2019-15143.patch: check return code in
libdjvu/GBitmap.cpp, libdjvu/DjVmDir.cpp.
- CVE-2019-15143
* SECURITY UPDATE: uncontrolled recursion in sorting
- debian/patches/CVE-2019-15144.patch: fix logic in
libdjvu/GContainer.h.
- CVE-2019-15144
* SECURITY UPDATE: out of bounds read
- debian/patches/CVE-2019-15145.patch: check bytes in
libdjvu/GBitmap.h.
- CVE-2019-15145
* SECURITY UPDATE: NULL pointer dereference in DJVU::filter_fv
- debian/patches/CVE-2019-18804.patch: add extra checks to
libdjvu/IW44EncodeCodec.cpp, tools/ddjvu.cpp.
- CVE-2019-18804
-- Marc Deslauriers <email address hidden> Wed, 20 Nov 2019 10:29:06 -0500
-
djvulibre (3.5.27.1-5) unstable; urgency=medium
* guard find command in debian/rules (closes: 806017)
* merge upstream update which works around qt5 issue (closes: 804888)
-- Barak A. Pearlmutter <email address hidden> Tue, 24 Nov 2015 15:58:16 +0000
-
djvulibre (3.5.27.1-4) unstable; urgency=medium
* merge minor upstream maintenance updates
-- Barak A. Pearlmutter <email address hidden> Wed, 28 Oct 2015 14:16:13 +0000
-
djvulibre (3.5.27.1-3) unstable; urgency=medium
* use mktemp in shell script if available (closes: #775193)
-- Barak A. Pearlmutter <email address hidden> Sun, 16 Aug 2015 14:03:10 +0200
