Format: 1.8 Date: Wed, 24 Jul 2019 14:03:37 -0400 Source: libebml Binary: libebml4v5 libebml-dev Architecture: armhf Version: 1.3.3-1ubuntu0.1 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libebml-dev - access library for the EBML format (development files) libebml4v5 - access library for the EBML format (shared library) Changes: libebml (1.3.3-1ubuntu0.1) xenial-security; urgency=medium . * SECURITY UPDATE: heap-based out of bounds read - debian/patches/CVE-2019-13615-1.patch: check the max size to read before actually reading in src/EbmlElement.cpp. - debian/patches/CVE-2019-13615-2.patch: do not output an element with size Unknown if it's not allowed in src/EbmlElement.cpp. - debian/patches/CVE-2019-13615-3.patch: exit the max size loop when there's nothing left possible to find in src/EbmlElement.cpp. - debian/patches/CVE-2019-13615-4.patch: rework the way we look at the end boundary when looking an element in a parent in src/EbmlElement.cpp. - CVE-2019-13615 Checksums-Sha1: 0a7a8011df76568f81b444ebb7a6a70a0adf462a 68544 libebml-dev_1.3.3-1ubuntu0.1_armhf.deb 2a1a170d3fb00f5d781f95b6534ed1b05b5ee5ee 214624 libebml4v5-dbgsym_1.3.3-1ubuntu0.1_armhf.ddeb 5f4bd4679eafba259612bbbf6c7573d9bd282bc2 40600 libebml4v5_1.3.3-1ubuntu0.1_armhf.deb Checksums-Sha256: ada883e96b529b70e20810df3816e704834e3d1c15caebf49e72a03900d24192 68544 libebml-dev_1.3.3-1ubuntu0.1_armhf.deb 55294a1468b1c0e490438f7949b108558a965c64ae18b3346492d828f5399a4e 214624 libebml4v5-dbgsym_1.3.3-1ubuntu0.1_armhf.ddeb 3b6bb0fc278b23203084be72776f7f1a7c4254ccd8b277dadb50d2508870a5c4 40600 libebml4v5_1.3.3-1ubuntu0.1_armhf.deb Files: d4bff0060efc4e8c00935512004ad7ae 68544 libdevel optional libebml-dev_1.3.3-1ubuntu0.1_armhf.deb 29a1a091323d2aeb25058c660e2c0fab 214624 libs extra libebml4v5-dbgsym_1.3.3-1ubuntu0.1_armhf.ddeb b3138fb194e9b704a2b6b86ddb2c2e16 40600 libs optional libebml4v5_1.3.3-1ubuntu0.1_armhf.deb Original-Maintainer: Debian Multimedia Maintainers