zbar 0.23.92-9 source package in Debian

Changelog

zbar (0.23.92-9) unstable; urgency=high

  * Non-maintainer upload.
  * Fix two security bugs (Closes: #1051724):
    - Fix CVE-2023-40889: A heap-based buffer overflow existed
      in the qr_reader_match_centers function.
      Specially crafted QR codes may lead to information disclosure
      and/or arbitrary code execution. To trigger this
      vulnerability, an attacker can digitally input the
      malicious QR code, or prepare it to be physically scanned
      by the vulnerable scanner.
    - Fix CVE-2023-40890: A stack overflow was present in lookup_sequence
      function of ZBar 0.23.90. Specially crafted QR codes may lead
      to information disclosure and/or arbitrary code execution.
      To trigger this vulnerability, an attacker can digitally input
      the malicious QR code, or prepare it to be physically scanned
      by the vulnerable scanner.

 -- Bastien Roucariès <email address hidden>  Thu, 30 Nov 2023 11:19:08 +0000

Upload details

Uploaded by: Boyuan Yang
Uploaded to: Sid
Original maintainer: Boyuan Yang
Architectures: any
Section: libs
Urgency: Very Urgent

Downloads

File Size SHA-256 Checksum
zbar_0.23.92-9.dsc 2.7 KiB 2032db98c18162e57da823fbdfcca2a8c2df77d14092546e020591203059b30c
zbar_0.23.92.orig.tar.gz 981.8 KiB dffc16695cb6e42fa318a4946fd42866c0f5ab735f7eaf450b108d1c3a19b4ba
zbar_0.23.92-9.debian.tar.xz 13.6 KiB 54494d1e17adbda88231cd9a8790cadc92633af8fd579c34ae0e1cebd13c2dd8

No changes file available.