Format: 1.8 Date: Fri, 21 Aug 2020 11:15:11 -0400 Source: sane-backends Binary: sane-utils libsane-common libsane libsane-dev libsane-dbg Architecture: all amd64 amd64_translations Version: 1.0.25+git20150528-1ubuntu2.16.04.3 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libsane - API library for scanners libsane-common - API library for scanners -- documentation and support files libsane-dbg - API development library for scanners [debug symbols] libsane-dev - API development library for scanners [development files] sane-utils - API library for scanners -- utilities Changes: sane-backends (1.0.25+git20150528-1ubuntu2.16.04.3) xenial-security; urgency=medium . * SECURITY UPDATE: memory disclosure via crafted SANE_NET_CONTROL_OPTION packet - debian/patches/CVE-2017-6318.patch: address memory corruption and information leakage in frontend/saned.c. - CVE-2017-6318 * SECURITY UPDATE: out-of-bounds read in epsonds - debian/patches/CVE-2020-12862.patch: do not read beyond the end of the token in backend/epsonds-cmd.c. - CVE-2020-12862 * SECURITY UPDATE: out-of-bounds read in epsonds - debian/patches/CVE-2020-12863.patch: read only up to seven hexdigits to determine payload size in backend/epsonds-cmd.c. - CVE-2020-12863 * SECURITY UPDATE: heap buffer overflow in epsonds - debian/patches/CVE-2020-12865.patch: check for overflow when reading image data in backend/epsonds-cmd.c, backend/epsonds.c, backend/epsonds.h. - CVE-2020-12865 * SECURITY UPDATE: NULL pointer dereference in epson2 - debian/patches/CVE-2020-12867.patch: rewrite network I/O in backend/epson2_net.c, backend/epson2_net.h. - CVE-2020-12867 Checksums-Sha1: 2a6bb1acbf53d48377900c90ec27910ed83454cd 709382 libsane-common_1.0.25+git20150528-1ubuntu2.16.04.3_all.deb ebaa3e7226dd254070f04ce4372b24b37dddd1a6 6689806 libsane-dbg_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.deb 14359fa8159e58a0cd72bb6c51b52d89ca52ff07 1306 libsane-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.ddeb 850c2bb8f5893afbb82d70369193e98ed9d928c6 1208 libsane-dev-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.ddeb fabb09dd538d35f8bf0c04bdb5a2db60f8c9c853 2214760 libsane-dev_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.deb 422482cebc3c1708369ff19cdee2084169d1b230 2012436 libsane_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.deb dadb2504c1d718b7c3540819e47ae0d4f0042c79 1025474 sane-backends_1.0.25+git20150528-1ubuntu2.16.04.3_amd64_translations.tar.gz 84649709f51a83f737a18026bf61b8a9480fdeac 1254 sane-utils-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.ddeb dfd1c8e0246b86955f4219d6794ee583d848359f 189224 sane-utils_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.deb Checksums-Sha256: 8e0601c41ff064f9d282c5402030479fd746131363be1dbb193ad03bf0090a23 709382 libsane-common_1.0.25+git20150528-1ubuntu2.16.04.3_all.deb ed83e03e3921ba75f30845925536e9c56e71ea91d5fbae7e9ea8ede5f374270b 6689806 libsane-dbg_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.deb 342ad21d68cbee3244ad1c2e2028f2c47f4ce1db3da1f1f54cc838f94ffa4045 1306 libsane-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.ddeb 465d39c006dbf8195c39050923cb1c874237951cd8a37c59be696c47cae03500 1208 libsane-dev-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.ddeb cf8af58bf98ce5ef7c52421b53a490265d2e476c00ffc760aaafd61e91169820 2214760 libsane-dev_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.deb 1e225614c2a817887dfc14618911aba867a8d76fe3f66a6acccc3e0888c349b2 2012436 libsane_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.deb 353f70e7cba3b1cbe3731b65c337ddce4803d40cfcdf6817e71d280fa213315a 1025474 sane-backends_1.0.25+git20150528-1ubuntu2.16.04.3_amd64_translations.tar.gz 479952afb07e0dcddbb45e2cc8f78b4f7731a944dd535a07fc058473fb97885c 1254 sane-utils-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.ddeb fee94f3cf78bd350ac135fe6f5787d10ce6bd4613740ba896a1581289e56fe1b 189224 sane-utils_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.deb Files: 49625d503c9e75b160b722ac92c2fc69 709382 libs optional libsane-common_1.0.25+git20150528-1ubuntu2.16.04.3_all.deb ecbf8fa8756ae762089e6d49a3c6928c 6689806 debug extra libsane-dbg_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.deb 6a6c8fceecf4a820edf5d65dda40ac9a 1306 libs extra libsane-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.ddeb afa457101a1ddba0640da3dc1f99eb1b 1208 libdevel extra libsane-dev-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.ddeb 2ed00dc8af8a3691144ad92ed32883b1 2214760 libdevel optional libsane-dev_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.deb 20414e7747a34a08e85fdebcbcd4a68f 2012436 libs optional libsane_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.deb 00aa262cdea6ae66e9587ccbf7768e0e 1025474 raw-translations - sane-backends_1.0.25+git20150528-1ubuntu2.16.04.3_amd64_translations.tar.gz c6b3e1a978826406c3cb11520a7ae6e6 1254 graphics extra sane-utils-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.ddeb 8444ce41935c81a25f31955f752af1ff 189224 graphics optional sane-utils_1.0.25+git20150528-1ubuntu2.16.04.3_amd64.deb Original-Maintainer: Jörg Frings-Fürst