Publishing details

• Published on 2019-07-15
• Copied from ubuntu xenial in Private PPA for Ubuntu Security Team by Mike Salvatore

Changelog

flightcrew (0.7.2+dfsg-6ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference (DoS) when processing crafted
    EPUB file
    - debian/patches/CVE-2019-13032-1.patch: prevent segfault from malformed
      opf items in GetRelativePathToNcx()
    - debian/patches/CVE-2019-13032-2.patch: prevent segfault from malformed
      opf items in GetRelativePathsToXhtmlDocuments()
    - CVE-2019-13032
  * SECURITY UPDATE: Zip Slip directory traversal when processing a crafted
    EPUB file
    - debian/patches/CVE-2019-13241-1.patch: try to make extracting epbs safer
    - debian/patches/CVE-2019-13241-2.patch: further harden zip extraction to
      always be safe
    - debian/patches/CVE-2019-13241-3.patch: harden further by throwing
      exception
    - CVE-2019-13241
  * SECURITY UPDATE: Infinite loop leading to DoS and resource consumption
    - debian/patches/CVE-2019-13453.patch: Prevent infinite loop in zipios
      library by checking for EOF
    - CVE-2019-13453

 -- Mike Salvatore <email address hidden>  Mon, 01 Jul 2019 15:30:43 -0400

Builds

• amd64
• arm64
• armhf
• i386
• powerpc
• ppc64el
• s390x

Built packages

• flightcrew C++ epub validator

• flightcrew-dbgsym debug symbols for package flightcrew

• libflightcrew-dev C++ library development filesfor epub validation

• libflightcrew0v5 C++ library for epub validation

• libflightcrew0v5-dbgsym debug symbols for package libflightcrew0v5

Package files

• flightcrew-dbgsym_0.7.2+dfsg-6ubuntu0.1_amd64.ddeb (573.4 KiB)
• flightcrew-dbgsym_0.7.2+dfsg-6ubuntu0.1_arm64.ddeb (566.5 KiB)
• flightcrew-dbgsym_0.7.2+dfsg-6ubuntu0.1_armhf.ddeb (551.9 KiB)
• flightcrew-dbgsym_0.7.2+dfsg-6ubuntu0.1_i386.ddeb (551.9 KiB)
• flightcrew-dbgsym_0.7.2+dfsg-6ubuntu0.1_powerpc.ddeb (537.2 KiB)
• flightcrew-dbgsym_0.7.2+dfsg-6ubuntu0.1_ppc64el.ddeb (592.3 KiB)
• flightcrew-dbgsym_0.7.2+dfsg-6ubuntu0.1_s390x.ddeb (537.1 KiB)
• flightcrew_0.7.2+dfsg-6ubuntu0.1.debian.tar.xz (10.5 KiB)
• flightcrew_0.7.2+dfsg-6ubuntu0.1.dsc (2.2 KiB)
• flightcrew_0.7.2+dfsg-6ubuntu0.1_amd64.deb (62.7 KiB)
• flightcrew_0.7.2+dfsg-6ubuntu0.1_arm64.deb (58.3 KiB)
• flightcrew_0.7.2+dfsg-6ubuntu0.1_armhf.deb (56.2 KiB)
• flightcrew_0.7.2+dfsg-6ubuntu0.1_i386.deb (63.4 KiB)
• flightcrew_0.7.2+dfsg-6ubuntu0.1_powerpc.deb (59.1 KiB)
• flightcrew_0.7.2+dfsg-6ubuntu0.1_ppc64el.deb (65.2 KiB)
• flightcrew_0.7.2+dfsg-6ubuntu0.1_s390x.deb (59.9 KiB)
• flightcrew_0.7.2+dfsg.orig.tar.gz (498.9 KiB)
• libflightcrew-dev_0.7.2+dfsg-6ubuntu0.1_all.deb (7.6 KiB)
• libflightcrew0v5-dbgsym_0.7.2+dfsg-6ubuntu0.1_amd64.ddeb (6.3 MiB)
• libflightcrew0v5-dbgsym_0.7.2+dfsg-6ubuntu0.1_arm64.ddeb (6.3 MiB)
• libflightcrew0v5-dbgsym_0.7.2+dfsg-6ubuntu0.1_armhf.ddeb (6.2 MiB)
• libflightcrew0v5-dbgsym_0.7.2+dfsg-6ubuntu0.1_i386.ddeb (6.2 MiB)
• libflightcrew0v5-dbgsym_0.7.2+dfsg-6ubuntu0.1_powerpc.ddeb (5.9 MiB)
• libflightcrew0v5-dbgsym_0.7.2+dfsg-6ubuntu0.1_ppc64el.ddeb (6.8 MiB)
• libflightcrew0v5-dbgsym_0.7.2+dfsg-6ubuntu0.1_s390x.ddeb (5.9 MiB)
• libflightcrew0v5_0.7.2+dfsg-6ubuntu0.1_amd64.deb (349.6 KiB)
• libflightcrew0v5_0.7.2+dfsg-6ubuntu0.1_arm64.deb (316.8 KiB)
• libflightcrew0v5_0.7.2+dfsg-6ubuntu0.1_armhf.deb (306.0 KiB)
• libflightcrew0v5_0.7.2+dfsg-6ubuntu0.1_i386.deb (364.7 KiB)
• libflightcrew0v5_0.7.2+dfsg-6ubuntu0.1_powerpc.deb (341.5 KiB)
• libflightcrew0v5_0.7.2+dfsg-6ubuntu0.1_ppc64el.deb (365.4 KiB)
• libflightcrew0v5_0.7.2+dfsg-6ubuntu0.1_s390x.deb (326.4 KiB)