Format: 1.8 Date: Tue, 26 Apr 2022 16:01:05 +1000 Source: fribidi Binary: libfribidi-bin libfribidi-dev libfribidi0 Built-For-Profiles: noudeb Architecture: s390x Version: 1.0.8-2ubuntu3.1 Distribution: jammy Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Ray Veldkamp Description: libfribidi-bin - Free Implementation of the Unicode BiDi algorithm (utility) libfribidi-dev - Development files for FreeBidi library libfribidi0 - Free Implementation of the Unicode BiDi algorithm Changes: fribidi (1.0.8-2ubuntu3.1) jammy-security; urgency=medium . * SECURITY UPDATE: Incorrect length checking in processing of line input could result in a stack buffer overflow, resulting in a crash or potential code execution. - debian/patches/CVE-2022-25308.patch: add checking to length of string buffer before processing in bin/fribidi-main.c - CVE-2022-25308 . * SECURITY UPDATE: Insufficient sanitization of input data to the CapRTL encoder could result in a heap buffer overflow, resulting in a crash or potential code execution. - debian/patches/CVE-2022-25309.patch: add checking and removal of dangerous characters before encoding stage, in lib/fribidi-char-sets-cap-rtl.c - CVE-2022-25309 . * SECURITY UPDATE: Incorrect handling of string pointer can result in a crash in fribidi_remove_bidi_marks(). - debian/patches/CVE-2022-25310.patch: add checking for NULL strings, to avoid potential use-after-free in lib/fribidi.c - CVE-2022-25310 Checksums-Sha1: bd941dd153b06eaf8ea0a5af6c3f60533ed83e4c 6775 fribidi_1.0.8-2ubuntu3.1_s390x.buildinfo 9eca4a9adad51d63f2d92656b1279ebe573a3afe 2778 libfribidi-bin-dbgsym_1.0.8-2ubuntu3.1_s390x.ddeb b31ed66cfd8575f36cf29bb532271d272791c8f6 9614 libfribidi-bin_1.0.8-2ubuntu3.1_s390x.deb 2139b23d94cee285b76b5f914acebb8e5960bb01 66168 libfribidi-dev_1.0.8-2ubuntu3.1_s390x.deb 404f6fdb77e66e3158665db958b25b0022c37232 3652 libfribidi0-dbgsym_1.0.8-2ubuntu3.1_s390x.ddeb edb2cfc0393dadd3c3ad91f356bed14bfe170ce4 27278 libfribidi0_1.0.8-2ubuntu3.1_s390x.deb Checksums-Sha256: f6ce3e1c6a06baaddc62dee52310c73cb065dc4e97137f2b5773f54f3bc70970 6775 fribidi_1.0.8-2ubuntu3.1_s390x.buildinfo 802e575e5c7357fd2a95091a61be624ba5cdde3180f99f371fee9942e461f467 2778 libfribidi-bin-dbgsym_1.0.8-2ubuntu3.1_s390x.ddeb 7490476b66e9651c1f8e1b521335a8c5113df0944891c08791b9dc7a920787f9 9614 libfribidi-bin_1.0.8-2ubuntu3.1_s390x.deb 405fb02808ebb8b4a6d9071d17cef34cd3910cfa126626c4b76bf1839954674a 66168 libfribidi-dev_1.0.8-2ubuntu3.1_s390x.deb cef3d824184a0d835c8e3ad73e407c3a4f1602b97d92b1ec66effb53676277ec 3652 libfribidi0-dbgsym_1.0.8-2ubuntu3.1_s390x.ddeb 80dcf064833da1487db885bf9cc619e73f2d2d19d754b400f20fbcebff0434de 27278 libfribidi0_1.0.8-2ubuntu3.1_s390x.deb Files: ff1b02d033b1148cf230eb4e829c4955 6775 libs optional fribidi_1.0.8-2ubuntu3.1_s390x.buildinfo 85777adf8d18e84aabb774ee0d91b243 2778 debug optional libfribidi-bin-dbgsym_1.0.8-2ubuntu3.1_s390x.ddeb b8c75279c1b37c868fbfde60015271ce 9614 utils optional libfribidi-bin_1.0.8-2ubuntu3.1_s390x.deb 49f61da12537e5ce4c15cf3b8ec7a0ff 66168 libdevel optional libfribidi-dev_1.0.8-2ubuntu3.1_s390x.deb bbd77a316aafcbf4aa45cd6f0569dc5e 3652 debug optional libfribidi0-dbgsym_1.0.8-2ubuntu3.1_s390x.ddeb ffa3f5f2e7805a8ba70e7b592f6b9cda 27278 libs optional libfribidi0_1.0.8-2ubuntu3.1_s390x.deb Original-Maintainer: Debian Hebrew Packaging Team