-
djvulibre (3.5.27.1-10ubuntu0.1) disco-security; urgency=medium
* SECURITY UPDATE: heap-based buffer overread
- debian/patches/CVE-2019-15142.patch: add checks to
libdjvu/DjVmDir.cpp.
- CVE-2019-15142
* SECURITY UPDATE: infinite loop in bitmap reader
- debian/patches/CVE-2019-15143.patch: check return code in
libdjvu/GBitmap.cpp, libdjvu/DjVmDir.cpp.
- CVE-2019-15143
* SECURITY UPDATE: uncontrolled recursion in sorting
- debian/patches/CVE-2019-15144.patch: fix logic in
libdjvu/GContainer.h.
- CVE-2019-15144
* SECURITY UPDATE: out of bounds read
- debian/patches/CVE-2019-15145.patch: check bytes in
libdjvu/GBitmap.h.
- CVE-2019-15145
* SECURITY UPDATE: NULL pointer dereference in DJVU::filter_fv
- debian/patches/CVE-2019-18804.patch: add extra checks to
libdjvu/IW44EncodeCodec.cpp, tools/ddjvu.cpp.
- CVE-2019-18804
-- Marc Deslauriers <email address hidden> Wed, 20 Nov 2019 10:07:27 -0500
-
djvulibre (3.5.27.1-10) unstable; urgency=medium
[ Ondřej Nový ]
* d/watch: Use https protocol
[ Barak A. Pearlmutter ]
* track upstream updates
* bump policy, no changes required
-- Barak A. Pearlmutter <email address hidden> Fri, 02 Nov 2018 14:51:55 +0000
-
djvulibre (3.5.27.1-9) unstable; urgency=medium
* bump to debhelper 11
* bump policy, no changes required
* stop including mimetype xml file in desktop package, and rename icons.
For details see https://sourceforge.net/p/djvu/bugs/283/
* adjust to upstream renaming of documentation
-- Barak A. Pearlmutter <email address hidden> Mon, 30 Apr 2018 17:13:35 +0100
