Format: 1.8
Date: Mon, 01 Jul 2019 08:36:26 -0400
Source: flightcrew
Binary: flightcrew libflightcrew0v5
Architecture: armhf
Version: 0.7.2+dfsg-13ubuntu1
Distribution: eoan-proposed
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-022.buildd>
Changed-By: Mike Salvatore <mike.salvatore@canonical.com>
Description:
 flightcrew - C++ epub validator
 libflightcrew0v5 - C++ library for epub validation
Changes:
 flightcrew (0.7.2+dfsg-13ubuntu1) eoan; urgency=medium
 .
   * SECURITY UPDATE: NULL pointer dereference (DoS) when processing a crafted
     EPUB file
     - debian/patches/CVE-2019-13032-1.patch: prevent segfault from malformed
       opf items in GetRelativePathToNcx()
     - debian/patches/CVE-2019-13032-2.patch: prevent segfault from malformed
       opf items in GetRelativePathsToXhtmlDocuments()
     - CVE-2019-13032
   * SECURITY UPDATE: Zip Slip directory traversal when processing a crafted
     EPUB file
     - debian/patches/CVE-2019-13241-1.patch: try to make extracting epbs safer
     - debian/patches/CVE-2019-13241-2.patch: further harden zip extraction to
       always be safe
     - debian/patches/CVE-2019-13241-3.patch: harden further by throwing
       exception
     - CVE-2019-13241
   * SECURITY UPDATE: Infinite loop leading to DoS and resource consumption
     - debian/patches/CVE-2019-13453.patch: Prevent infinite loop in zipios
       library by checking for EOF
     - CVE-2019-13453
Checksums-Sha1:
 5d9f35496444bbd23c37da3474151fc8997d1305 916012 flightcrew-dbgsym_0.7.2+dfsg-13ubuntu1_armhf.ddeb
 58e1619bdd0b2255aed0979481428d4a2acb21d4 13545 flightcrew_0.7.2+dfsg-13ubuntu1_armhf.buildinfo
 2c724710b1e434f408542e2e7b22666ad113810f 56564 flightcrew_0.7.2+dfsg-13ubuntu1_armhf.deb
 0027cdc039db4c5e296049a9e5807541897d2e14 12791656 libflightcrew0v5-dbgsym_0.7.2+dfsg-13ubuntu1_armhf.ddeb
 586f8e8c1b5c156ff31da92e746b2dc21ccdf879 323616 libflightcrew0v5_0.7.2+dfsg-13ubuntu1_armhf.deb
Checksums-Sha256:
 df53919ddc7d2da9271effda0f60edc73a89b0529a93dbffa537118ed29e046e 916012 flightcrew-dbgsym_0.7.2+dfsg-13ubuntu1_armhf.ddeb
 f8d475a197fbcdd9283bbbb6a6acc4515ee7d69cc303f132b811d8d8a9056e91 13545 flightcrew_0.7.2+dfsg-13ubuntu1_armhf.buildinfo
 469841c010d3902ee03343409529659aaf5010ec6ea5386b66734407b105d6df 56564 flightcrew_0.7.2+dfsg-13ubuntu1_armhf.deb
 50048b5a6315db8c414f527be044f96539267846a03fa62f5a44c0f460eb5927 12791656 libflightcrew0v5-dbgsym_0.7.2+dfsg-13ubuntu1_armhf.ddeb
 3e91b5cfaa8a09893066d68334bdabba1d3bfa3034095943b72252d0eacf7f68 323616 libflightcrew0v5_0.7.2+dfsg-13ubuntu1_armhf.deb
Files:
 f4e9564264c649450efdee4bbf374137 916012 debug optional flightcrew-dbgsym_0.7.2+dfsg-13ubuntu1_armhf.ddeb
 4b961cafc34bc7b8251ca3d76ba5df2b 13545 text optional flightcrew_0.7.2+dfsg-13ubuntu1_armhf.buildinfo
 24f8a13f3752bd0f6617d73252f0c053 56564 text optional flightcrew_0.7.2+dfsg-13ubuntu1_armhf.deb
 a0b5fbe07fd190e96d6f78aa562e251d 12791656 debug optional libflightcrew0v5-dbgsym_0.7.2+dfsg-13ubuntu1_armhf.ddeb
 74876258f92ee4ebad8c1b0892ac5435 323616 libs optional libflightcrew0v5_0.7.2+dfsg-13ubuntu1_armhf.deb
Original-Maintainer: Mattia Rizzolo <mattia@debian.org>