Format: 1.8 Date: Wed, 31 Jul 2019 09:19:02 -0400 Source: sigil Binary: sigil Architecture: ppc64el Version: 0.9.13+dfsg-1ubuntu0.1 Distribution: disco Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Mike Salvatore Description: sigil - multi-platform ebook editor Changes: sigil (0.9.13+dfsg-1ubuntu0.1) disco-security; urgency=medium . * SECURITY UPDATE: Zip Slip directory traversal when processing a crafted EPUB file - debian/patches/CVE-2019-14452-1.patch: do not allow zip files to have upward relative path sections. - debian/patches/CVE-2019-14452-2.patch: further harden against malicious epubs and produce error message. - debian/patches/CVE-2019-14452-3.patch: harden plugin unzipping to zip-slip attacks. - CVE-2019-14452 Checksums-Sha1: 06eb90ee5af7e7de79d9d336c4c9edc3bd303e95 19371260 sigil-dbgsym_0.9.13+dfsg-1ubuntu0.1_ppc64el.ddeb aa2f10202f11508fc1e38824d3eddb3c373b48df 13140 sigil_0.9.13+dfsg-1ubuntu0.1_ppc64el.buildinfo 995b9c22bb535dbfd3e7c13d8ae8375bcabb3a4d 1895572 sigil_0.9.13+dfsg-1ubuntu0.1_ppc64el.deb Checksums-Sha256: 8b5da80e549863d6283cc371ae15255e4b62801a39893adf1d9b43cff523d845 19371260 sigil-dbgsym_0.9.13+dfsg-1ubuntu0.1_ppc64el.ddeb aea77149615fd7d7499a8559a8b70f741d8b0175f54fa58e087eed83690214c6 13140 sigil_0.9.13+dfsg-1ubuntu0.1_ppc64el.buildinfo 28154d69bf91843b9ea5cc88619d3afa21877607aa731d2bad22a2556119cbe6 1895572 sigil_0.9.13+dfsg-1ubuntu0.1_ppc64el.deb Files: e3a540a9d6553fa20e23e33b0756681b 19371260 debug optional sigil-dbgsym_0.9.13+dfsg-1ubuntu0.1_ppc64el.ddeb 8299be4a51ac17c609fdbd7247e182b1 13140 editors optional sigil_0.9.13+dfsg-1ubuntu0.1_ppc64el.buildinfo 856574e614abbb5b63c2505f8f3a92a8 1895572 editors optional sigil_0.9.13+dfsg-1ubuntu0.1_ppc64el.deb Original-Maintainer: Mattia Rizzolo