flightcrew 0.7.2+dfsg-13ubuntu0.19.04.1 source package in Ubuntu

Changelog

flightcrew (0.7.2+dfsg-13ubuntu0.19.04.1) disco-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference (DoS) when processing a crafted
    EPUB file
    - debian/patches/CVE-2019-13032-1.patch: prevent segfault from malformed
      opf items in GetRelativePathToNcx()
    - debian/patches/CVE-2019-13032-2.patch: prevent segfault from malformed
      opf items in GetRelativePathsToXhtmlDocuments()
    - CVE-2019-13032
  * SECURITY UPDATE: Zip Slip directory traversal when processing a crafted
    EPUB file
    - debian/patches/CVE-2019-13241-1.patch: try to make extracting epbs safer
    - debian/patches/CVE-2019-13241-2.patch: further harden zip extraction to
      always be safe
    - debian/patches/CVE-2019-13241-3.patch: harden further by throwing
      exception
    - CVE-2019-13241
  * SECURITY UPDATE: Infinite loop leading to DoS and resource consumption
    - debian/patches/CVE-2019-13453.patch: Prevent infinite loop in zipios
      library by checking for EOF
    - CVE-2019-13453

 -- Mike Salvatore <email address hidden>  Mon, 01 Jul 2019 09:28:40 -0400

Upload details

Uploaded by:
Mike Salvatore on 2019-07-11
Uploaded to:
Disco
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
text
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Disco updates on 2019-07-15 universe misc
Disco security on 2019-07-15 universe misc

Downloads

File Size SHA-256 Checksum
flightcrew_0.7.2+dfsg.orig.tar.gz 498.9 KiB e65a3f639fd601c008b1e1f4c434098dbb1628839a6f8614a3b69d47aa057d1d
flightcrew_0.7.2+dfsg-13ubuntu0.19.04.1.debian.tar.xz 11.5 KiB 97402de8f4298889f573ea4ef25def831f56eba7c2856dbfe7e5a21e31ba6ddb
flightcrew_0.7.2+dfsg-13ubuntu0.19.04.1.dsc 2.3 KiB e5913348df5b79d076b4dda2b52e62833a97f985eaed1a4f0c2cbdcf98716b2c

View changes file

Binary packages built by this source

flightcrew: C++ epub validator

 FlightCrew is an epub validator written in C++. It is used by sigil
 to validate epub files, and may be generally useful for other epub
 creation utilities.

flightcrew-dbgsym: debug symbols for flightcrew
libflightcrew-dev: C++ library development filesfor epub validation

 FlightCrew is an epub validator written in C++. It is used by sigil
 to validate epub files, and may be generally useful for other epub
 creation utilities.
 .
 This package contains the development headers.

libflightcrew0v5: C++ library for epub validation

 FlightCrew is an epub validator written in C++. It is used by sigil
 to validate epub files, and may be generally useful for other epub
 creation utilities.
 .
 This package contains the shared library.

libflightcrew0v5-dbgsym: debug symbols for libflightcrew0v5