Format: 1.8
Date: Mon, 01 Jul 2019 15:30:43 -0400
Source: flightcrew
Binary: flightcrew libflightcrew0v5 libflightcrew-dev
Architecture: ppc64el
Version: 0.7.2+dfsg-6ubuntu0.1
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-ppc64el-011.buildd>
Changed-By: Mike Salvatore <mike.salvatore@canonical.com>
Description:
 flightcrew - C++ epub validator
 libflightcrew-dev - C++ library development filesfor epub validation
 libflightcrew0v5 - C++ library for epub validation
Changes:
 flightcrew (0.7.2+dfsg-6ubuntu0.1) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: NULL pointer dereference (DoS) when processing crafted
     EPUB file
     - debian/patches/CVE-2019-13032-1.patch: prevent segfault from malformed
       opf items in GetRelativePathToNcx()
     - debian/patches/CVE-2019-13032-2.patch: prevent segfault from malformed
       opf items in GetRelativePathsToXhtmlDocuments()
     - CVE-2019-13032
   * SECURITY UPDATE: Zip Slip directory traversal when processing a crafted
     EPUB file
     - debian/patches/CVE-2019-13241-1.patch: try to make extracting epbs safer
     - debian/patches/CVE-2019-13241-2.patch: further harden zip extraction to
       always be safe
     - debian/patches/CVE-2019-13241-3.patch: harden further by throwing
       exception
     - CVE-2019-13241
   * SECURITY UPDATE: Infinite loop leading to DoS and resource consumption
     - debian/patches/CVE-2019-13453.patch: Prevent infinite loop in zipios
       library by checking for EOF
     - CVE-2019-13453
Checksums-Sha1:
 d01cf05e3a4db27bf87d1b8ebe4d9b0153560ede 606496 flightcrew-dbgsym_0.7.2+dfsg-6ubuntu0.1_ppc64el.ddeb
 d23ee97509bb280e3cf7ff24f506d9e305f83050 66790 flightcrew_0.7.2+dfsg-6ubuntu0.1_ppc64el.deb
 df1f2be7ada145d5ce33b52bd4ff4d8139bf6433 7104902 libflightcrew0v5-dbgsym_0.7.2+dfsg-6ubuntu0.1_ppc64el.ddeb
 36f4cca9b9627c3caf772867f7b86f385ba5c9fd 374176 libflightcrew0v5_0.7.2+dfsg-6ubuntu0.1_ppc64el.deb
Checksums-Sha256:
 49107074875731280d9e2755614342239305cb10ae10d6835422ca264f3a3c58 606496 flightcrew-dbgsym_0.7.2+dfsg-6ubuntu0.1_ppc64el.ddeb
 a81bd49128eab0b22fc6a7a322166a8fe26783193ed1db97b6037bfcfe206dd3 66790 flightcrew_0.7.2+dfsg-6ubuntu0.1_ppc64el.deb
 a1d4af1f1d524476c51043990c6e523b947d90ce40ad2b0233c38e065abfbdbc 7104902 libflightcrew0v5-dbgsym_0.7.2+dfsg-6ubuntu0.1_ppc64el.ddeb
 da24552c4ac6b425997dcb094bbff9a3e91cdd3f3cb4039bd85bb70b78809034 374176 libflightcrew0v5_0.7.2+dfsg-6ubuntu0.1_ppc64el.deb
Files:
 c487c87fec4069d9da13bdda85f4a9e5 606496 text extra flightcrew-dbgsym_0.7.2+dfsg-6ubuntu0.1_ppc64el.ddeb
 fc4b2397bb1c9d39ec10a82ef1bcb24b 66790 text extra flightcrew_0.7.2+dfsg-6ubuntu0.1_ppc64el.deb
 06397f074c564281b52002e11e612cd0 7104902 text extra libflightcrew0v5-dbgsym_0.7.2+dfsg-6ubuntu0.1_ppc64el.ddeb
 01592719357adc29a5521c2374a920e3 374176 text extra libflightcrew0v5_0.7.2+dfsg-6ubuntu0.1_ppc64el.deb
Original-Maintainer: Mattia Rizzolo <mattia@debian.org>