Format: 1.8 Date: Mon, 01 Jul 2019 08:36:26 -0400 Source: flightcrew Binary: flightcrew libflightcrew-dev libflightcrew0v5 Architecture: amd64 all Version: 0.7.2+dfsg-13ubuntu1 Distribution: eoan-proposed Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Mike Salvatore Description: flightcrew - C++ epub validator libflightcrew-dev - C++ library development filesfor epub validation libflightcrew0v5 - C++ library for epub validation Changes: flightcrew (0.7.2+dfsg-13ubuntu1) eoan; urgency=medium . * SECURITY UPDATE: NULL pointer dereference (DoS) when processing a crafted EPUB file - debian/patches/CVE-2019-13032-1.patch: prevent segfault from malformed opf items in GetRelativePathToNcx() - debian/patches/CVE-2019-13032-2.patch: prevent segfault from malformed opf items in GetRelativePathsToXhtmlDocuments() - CVE-2019-13032 * SECURITY UPDATE: Zip Slip directory traversal when processing a crafted EPUB file - debian/patches/CVE-2019-13241-1.patch: try to make extracting epbs safer - debian/patches/CVE-2019-13241-2.patch: further harden zip extraction to always be safe - debian/patches/CVE-2019-13241-3.patch: harden further by throwing exception - CVE-2019-13241 * SECURITY UPDATE: Infinite loop leading to DoS and resource consumption - debian/patches/CVE-2019-13453.patch: Prevent infinite loop in zipios library by checking for EOF - CVE-2019-13453 Checksums-Sha1: 1bad35902c6be9fec8f84b87c4c87c027c845784 951628 flightcrew-dbgsym_0.7.2+dfsg-13ubuntu1_amd64.ddeb 216eedb1930d4350a2d58a19665058966431c651 13454 flightcrew_0.7.2+dfsg-13ubuntu1_amd64.buildinfo 134ff9e2b206ee4324dec87b17b46aceb813109b 66112 flightcrew_0.7.2+dfsg-13ubuntu1_amd64.deb 5007f70dbd572a6b4ccff532c4db7a0ccdee268a 7836 libflightcrew-dev_0.7.2+dfsg-13ubuntu1_all.deb 5826ef4dbffb6cbfadc00b15ffa26398bef50335 14431436 libflightcrew0v5-dbgsym_0.7.2+dfsg-13ubuntu1_amd64.ddeb 3c7d35f25579a8d6ed85f0ccae7171277dc89a14 365800 libflightcrew0v5_0.7.2+dfsg-13ubuntu1_amd64.deb Checksums-Sha256: a4bca29b37c1cf2eec14cc7aa1cf687ddcb58e0e86f7435c8008272ef539016f 951628 flightcrew-dbgsym_0.7.2+dfsg-13ubuntu1_amd64.ddeb 685a39861b0ed69735458c27f4978d2d10ed14fa626cfdd6cf2c2dbf33a42c71 13454 flightcrew_0.7.2+dfsg-13ubuntu1_amd64.buildinfo 76f383e43209d3625ee78ef4c071ddab1edd91311a043bf5e72355a70d661b3c 66112 flightcrew_0.7.2+dfsg-13ubuntu1_amd64.deb 7a623e75445d118f85b476f84d8e7973b2d7ddfa7cd744ab37ca1b33378d2279 7836 libflightcrew-dev_0.7.2+dfsg-13ubuntu1_all.deb dc883c4ffb7d9425964b4ea3cdd6e12a0cbd44508182485583ddc675ed144ad6 14431436 libflightcrew0v5-dbgsym_0.7.2+dfsg-13ubuntu1_amd64.ddeb 18dbde5c0e4d4a0d5502c27890d0492ae1696ae41d5a0566be96d82f50e1e896 365800 libflightcrew0v5_0.7.2+dfsg-13ubuntu1_amd64.deb Files: b24ea8f819d91d5f84b0fdd518e67dff 951628 debug optional flightcrew-dbgsym_0.7.2+dfsg-13ubuntu1_amd64.ddeb ccad7d90e49de689bd7f1ac962e4f188 13454 text optional flightcrew_0.7.2+dfsg-13ubuntu1_amd64.buildinfo 5e93dcf416516f998f2ca2b601ed996d 66112 text optional flightcrew_0.7.2+dfsg-13ubuntu1_amd64.deb 13b3b28c819f572ab69d8b7482ecd793 7836 libdevel optional libflightcrew-dev_0.7.2+dfsg-13ubuntu1_all.deb 7a48cca86cd05e281407f3c2c67f1c84 14431436 debug optional libflightcrew0v5-dbgsym_0.7.2+dfsg-13ubuntu1_amd64.ddeb 68021b161352a81d40aec4d180db80bd 365800 libs optional libflightcrew0v5_0.7.2+dfsg-13ubuntu1_amd64.deb Original-Maintainer: Mattia Rizzolo