Format: 1.8 Date: Wed, 20 Nov 2019 10:26:08 -0500 Source: djvulibre Binary: libdjvulibre-dev libdjvulibre21 libdjvulibre-text djvulibre-desktop djview djview3 djvuserve djvulibre-bin Architecture: armhf Version: 3.5.27.1-8ubuntu0.1 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: djview - Transition package, djview3 to djview4 djview3 - Transition package, djview3 to djview4 djvulibre-bin - Utilities for the DjVu image format djvulibre-desktop - Desktop support for the DjVu image format djvuserve - CGI program for unbundling DjVu files on the fly libdjvulibre-dev - Development files for the DjVu image format libdjvulibre-text - Linguistic support files for libdjvulibre libdjvulibre21 - Runtime support for the DjVu image format Changes: djvulibre (3.5.27.1-8ubuntu0.1) bionic-security; urgency=medium . * SECURITY UPDATE: heap-based buffer overread - debian/patches/CVE-2019-15142-pre1.patch: fix lengths in libdjvu/DjVmDir.cpp, libdjvu/miniexp.cpp, tools/csepdjvu.cpp. - debian/patches/CVE-2019-15142.patch: add checks to libdjvu/DjVmDir.cpp. - CVE-2019-15142 * SECURITY UPDATE: infinite loop in bitmap reader - debian/patches/CVE-2019-15143.patch: check return code in libdjvu/GBitmap.cpp, libdjvu/DjVmDir.cpp. - CVE-2019-15143 * SECURITY UPDATE: uncontrolled recursion in sorting - debian/patches/CVE-2019-15144.patch: fix logic in libdjvu/GContainer.h. - CVE-2019-15144 * SECURITY UPDATE: out of bounds read - debian/patches/CVE-2019-15145.patch: check bytes in libdjvu/GBitmap.h. - CVE-2019-15145 * SECURITY UPDATE: NULL pointer dereference in DJVU::filter_fv - debian/patches/CVE-2019-18804.patch: add extra checks to libdjvu/IW44EncodeCodec.cpp, tools/ddjvu.cpp. - CVE-2019-18804 Checksums-Sha1: 6278c3fa3fd3aa0f714cac1dc6e8b0e67fc83747 1176012 djvulibre-bin-dbgsym_3.5.27.1-8ubuntu0.1_armhf.ddeb 90a38e4ab5577c2796deff3aa620e176f376b34f 250500 djvulibre-bin_3.5.27.1-8ubuntu0.1_armhf.deb f532beb8368a8916b8776b5cc0de3260e617be51 10935 djvulibre_3.5.27.1-8ubuntu0.1_armhf.buildinfo 2974e2eacf8468686d0e65a671312aafbefefc92 58712 djvuserve-dbgsym_3.5.27.1-8ubuntu0.1_armhf.ddeb d8174e4999d5686781fcc637ea7f1f315c027870 18220 djvuserve_3.5.27.1-8ubuntu0.1_armhf.deb 103fe46cb972cfaf91ddf28de0cd3fdb49f0ac47 2335980 libdjvulibre-dev_3.5.27.1-8ubuntu0.1_armhf.deb ba73eb7cf2d6ac5e95feeb43a9a5694f4cfddafe 2680976 libdjvulibre21-dbgsym_3.5.27.1-8ubuntu0.1_armhf.ddeb b42fd59d8f7011b78ba8a71ae134f4bd26865967 477152 libdjvulibre21_3.5.27.1-8ubuntu0.1_armhf.deb Checksums-Sha256: 5080b58f82ccca703080cc1984a60bcd71917fea9ae0ff1ce080b935c90d372a 1176012 djvulibre-bin-dbgsym_3.5.27.1-8ubuntu0.1_armhf.ddeb 804997f632abe88a0a0c214e6c6f38e871aed17162340155b5060c6238d73090 250500 djvulibre-bin_3.5.27.1-8ubuntu0.1_armhf.deb 27b36e7421687bce8f71cd3f684e0513715dbc2ec296508f47753cc67c914960 10935 djvulibre_3.5.27.1-8ubuntu0.1_armhf.buildinfo c4bebf8aa0b117496ad29b3102932426374fea518fe22d2e507ac369587242bb 58712 djvuserve-dbgsym_3.5.27.1-8ubuntu0.1_armhf.ddeb 278a953ccd5effcac61b8e6a8b18ffdc43f9419003af94749b09c59b23d7658d 18220 djvuserve_3.5.27.1-8ubuntu0.1_armhf.deb 8720656d5a5361efd2fe7397abf5823ecef82f340f971809c1bb7abbd8aceb7d 2335980 libdjvulibre-dev_3.5.27.1-8ubuntu0.1_armhf.deb 7ae520a2cd504cffa7974540e37fee80784b33f3054645e9e5f0b04869f23dad 2680976 libdjvulibre21-dbgsym_3.5.27.1-8ubuntu0.1_armhf.ddeb b89cf2ffcc045e9958c4445d0c46768b22f5cdf6b09ca03ff32d113a9c4c3639 477152 libdjvulibre21_3.5.27.1-8ubuntu0.1_armhf.deb Files: 63bb5205eecc52f8b027631e89d91b2c 1176012 debug optional djvulibre-bin-dbgsym_3.5.27.1-8ubuntu0.1_armhf.ddeb 13906b2de18acdb3fde4c5b732ec637c 250500 graphics optional djvulibre-bin_3.5.27.1-8ubuntu0.1_armhf.deb a155f43fe86d776b4e17bc6ac7b2421e 10935 libs optional djvulibre_3.5.27.1-8ubuntu0.1_armhf.buildinfo 2521bc3617110af6ebd43263ad3b40a2 58712 debug optional djvuserve-dbgsym_3.5.27.1-8ubuntu0.1_armhf.ddeb c2f3cad514925cb9c128ca7a88d1e799 18220 web optional djvuserve_3.5.27.1-8ubuntu0.1_armhf.deb ba1c601019a81033bf3bdfedbf3a9121 2335980 libdevel optional libdjvulibre-dev_3.5.27.1-8ubuntu0.1_armhf.deb d4d32f51e682c811ec2161d66a4bb1a3 2680976 debug optional libdjvulibre21-dbgsym_3.5.27.1-8ubuntu0.1_armhf.ddeb b31d88709625d9f467544fd19740dfe9 477152 libs optional libdjvulibre21_3.5.27.1-8ubuntu0.1_armhf.deb Original-Maintainer: Barak A. Pearlmutter