flightcrew 0.7.2+dfsg-6ubuntu0.1 source package in Ubuntu

Changelog

flightcrew (0.7.2+dfsg-6ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference (DoS) when processing crafted
    EPUB file
    - debian/patches/CVE-2019-13032-1.patch: prevent segfault from malformed
      opf items in GetRelativePathToNcx()
    - debian/patches/CVE-2019-13032-2.patch: prevent segfault from malformed
      opf items in GetRelativePathsToXhtmlDocuments()
    - CVE-2019-13032
  * SECURITY UPDATE: Zip Slip directory traversal when processing a crafted
    EPUB file
    - debian/patches/CVE-2019-13241-1.patch: try to make extracting epbs safer
    - debian/patches/CVE-2019-13241-2.patch: further harden zip extraction to
      always be safe
    - debian/patches/CVE-2019-13241-3.patch: harden further by throwing
      exception
    - CVE-2019-13241
  * SECURITY UPDATE: Infinite loop leading to DoS and resource consumption
    - debian/patches/CVE-2019-13453.patch: Prevent infinite loop in zipios
      library by checking for EOF
    - CVE-2019-13453

 -- Mike Salvatore <email address hidden>  Mon, 01 Jul 2019 15:30:43 -0400

Upload details

Uploaded by:
Mike Salvatore on 2019-07-11
Uploaded to:
Xenial
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
text
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Xenial updates on 2019-07-15 universe misc
Xenial security on 2019-07-15 universe misc

Downloads

File Size SHA-256 Checksum
flightcrew_0.7.2+dfsg.orig.tar.gz 498.9 KiB e65a3f639fd601c008b1e1f4c434098dbb1628839a6f8614a3b69d47aa057d1d
flightcrew_0.7.2+dfsg-6ubuntu0.1.debian.tar.xz 10.5 KiB 8aa969321dee3dcb0547ac37df8e4679d78dc64ef66b4405eba6db3107cf459e
flightcrew_0.7.2+dfsg-6ubuntu0.1.dsc 2.2 KiB 0564411cfdf1ae7f6a91c6d78aafcdb8d86df4fbd27b1e99069cea2c134aa699

View changes file

Binary packages built by this source

flightcrew: C++ epub validator

 FlightCrew is an epub validator written in C++. It is used by sigil
 to validate epub files, and may be generally useful for other epub
 creation utilities.

flightcrew-dbgsym: debug symbols for package flightcrew

 FlightCrew is an epub validator written in C++. It is used by sigil
 to validate epub files, and may be generally useful for other epub
 creation utilities.

libflightcrew-dev: C++ library development filesfor epub validation

 FlightCrew is an epub validator written in C++. It is used by sigil
 to validate epub files, and may be generally useful for other epub
 creation utilities.
 .
 This package contains the development headers.

libflightcrew0v5: C++ library for epub validation

 FlightCrew is an epub validator written in C++. It is used by sigil
 to validate epub files, and may be generally useful for other epub
 creation utilities.
 .
 This package contains the shared library.

libflightcrew0v5-dbgsym: debug symbols for package libflightcrew0v5

 FlightCrew is an epub validator written in C++. It is used by sigil
 to validate epub files, and may be generally useful for other epub
 creation utilities.
 .
 This package contains the shared library.