sigil 0.9.13+dfsg-1ubuntu0.1 source package in Ubuntu
Changelog
sigil (0.9.13+dfsg-1ubuntu0.1) disco-security; urgency=medium
* SECURITY UPDATE: Zip Slip directory traversal when processing a crafted
EPUB file
- debian/patches/CVE-2019-14452-1.patch: do not allow zip files to have
upward relative path sections.
- debian/patches/CVE-2019-14452-2.patch: further harden against malicious
epubs and produce error message.
- debian/patches/CVE-2019-14452-3.patch: harden plugin unzipping to
zip-slip attacks.
- CVE-2019-14452
-- Mike Salvatore <email address hidden> Wed, 31 Jul 2019 09:19:02 -0400
Upload details
- Uploaded by:
- Mike Salvatore
- Uploaded to:
- Disco
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- editors
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| sigil_0.9.13+dfsg.orig.tar.xz | 9.7 MiB | 9a5b2071f6ac7d2736acc802c328d25684ad2e5c65a233f40f00cc91dbb0ef77 |
| sigil_0.9.13+dfsg-1ubuntu0.1.debian.tar.xz | 16.6 KiB | 0141de356134e8c1a3a2f61c6540c9f9fcab14c2013989bf62e920152d33f1b5 |
| sigil_0.9.13+dfsg-1ubuntu0.1.dsc | 2.3 KiB | 111f5b477dc6c3981d37b388a2e8c7e55e64368bf3a4185837dcb548bc4dc9f6 |
Available diffs
Binary packages built by this source
- sigil: No summary available for sigil in ubuntu disco.
No description available for sigil in ubuntu disco.
- sigil-data: No summary available for sigil-data in ubuntu disco.
No description available for sigil-data in ubuntu disco.
- sigil-dbgsym: No summary available for sigil-dbgsym in ubuntu disco.
No description available for sigil-dbgsym in ubuntu disco.
