Format: 1.8 Date: Fri, 21 Aug 2020 11:15:11 -0400 Source: sane-backends Binary: sane-utils libsane-common libsane libsane-dev libsane-dbg Architecture: i386 i386_translations Version: 1.0.25+git20150528-1ubuntu2.16.04.3 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libsane - API library for scanners libsane-common - API library for scanners -- documentation and support files libsane-dbg - API development library for scanners [debug symbols] libsane-dev - API development library for scanners [development files] sane-utils - API library for scanners -- utilities Changes: sane-backends (1.0.25+git20150528-1ubuntu2.16.04.3) xenial-security; urgency=medium . * SECURITY UPDATE: memory disclosure via crafted SANE_NET_CONTROL_OPTION packet - debian/patches/CVE-2017-6318.patch: address memory corruption and information leakage in frontend/saned.c. - CVE-2017-6318 * SECURITY UPDATE: out-of-bounds read in epsonds - debian/patches/CVE-2020-12862.patch: do not read beyond the end of the token in backend/epsonds-cmd.c. - CVE-2020-12862 * SECURITY UPDATE: out-of-bounds read in epsonds - debian/patches/CVE-2020-12863.patch: read only up to seven hexdigits to determine payload size in backend/epsonds-cmd.c. - CVE-2020-12863 * SECURITY UPDATE: heap buffer overflow in epsonds - debian/patches/CVE-2020-12865.patch: check for overflow when reading image data in backend/epsonds-cmd.c, backend/epsonds.c, backend/epsonds.h. - CVE-2020-12865 * SECURITY UPDATE: NULL pointer dereference in epson2 - debian/patches/CVE-2020-12867.patch: rewrite network I/O in backend/epson2_net.c, backend/epson2_net.h. - CVE-2020-12867 Checksums-Sha1: b496bd3d9107871fa534452b91636aacb73f8163 5694760 libsane-dbg_1.0.25+git20150528-1ubuntu2.16.04.3_i386.deb b63c989b0088344733b450f1ccc9e30fae737ed0 1308 libsane-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_i386.ddeb 0fca8b4d612b2c9b1ad280afd7e15c80f86c2b43 1208 libsane-dev-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_i386.ddeb be96823bb90763ac012a60416a1bc940d5175897 2368630 libsane-dev_1.0.25+git20150528-1ubuntu2.16.04.3_i386.deb 2ca46781f653c4dd894e904203689554aa526af4 2123934 libsane_1.0.25+git20150528-1ubuntu2.16.04.3_i386.deb d90168c4b60cf1ccba2e1f20e1ab77d22d73107a 575357 sane-backends_1.0.25+git20150528-1ubuntu2.16.04.3_i386_translations.tar.gz 67fc802e94b6cdbc2b684f894c5ec892778f0290 1252 sane-utils-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_i386.ddeb a29092933d2b517b78e75203c43055a07c337178 194526 sane-utils_1.0.25+git20150528-1ubuntu2.16.04.3_i386.deb Checksums-Sha256: a898d4c7751341d5cb4b794fce1d94ed5992787ea0c516b8ccdc0a711f486808 5694760 libsane-dbg_1.0.25+git20150528-1ubuntu2.16.04.3_i386.deb fa72ea3ccd5247fb90d8b00b9b6e2d3b5dcec116825aecad0b10007b35c960af 1308 libsane-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_i386.ddeb b2c4cbbb342669eb573f6de48829782f6dc90e12694d692979b6a5e58f089945 1208 libsane-dev-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_i386.ddeb 7e10a24f539ce44e72814ad80119cca64e41bec1cd5189c10cea82ce545b052c 2368630 libsane-dev_1.0.25+git20150528-1ubuntu2.16.04.3_i386.deb 691f1dac3d4ed7f8b17f4b19509246c596c79b098283dca5040fd895edb9a846 2123934 libsane_1.0.25+git20150528-1ubuntu2.16.04.3_i386.deb 77cd21b50dab04c54239976b287a3e47d57e111d39104878ba41ca055c82ef26 575357 sane-backends_1.0.25+git20150528-1ubuntu2.16.04.3_i386_translations.tar.gz 0769a66943537eff71c17e2fb854f53b68277403cd90a201346152cc23d39796 1252 sane-utils-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_i386.ddeb d078b2bddac03c07b3c1d7df60176d2acf17cdcc4f9429f8f80912be67eeb0f0 194526 sane-utils_1.0.25+git20150528-1ubuntu2.16.04.3_i386.deb Files: 9f13ccc1a11ea9db03a75c41d62d18e2 5694760 debug extra libsane-dbg_1.0.25+git20150528-1ubuntu2.16.04.3_i386.deb 6525ba0826de7861db2045008c7ed0f8 1308 libs extra libsane-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_i386.ddeb 0b25c0c14fd5987518a079e2f58f350d 1208 libdevel extra libsane-dev-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_i386.ddeb 36e86ce0516d8f9e6bfd18f536f3b969 2368630 libdevel optional libsane-dev_1.0.25+git20150528-1ubuntu2.16.04.3_i386.deb d1d32f012d8cb7314f84b14c8ef65d52 2123934 libs optional libsane_1.0.25+git20150528-1ubuntu2.16.04.3_i386.deb 2f2dec47d05dc6e0f9edc05e0efbac53 575357 raw-translations - sane-backends_1.0.25+git20150528-1ubuntu2.16.04.3_i386_translations.tar.gz c9e211d655017dc79bd58e4897b996be 1252 graphics extra sane-utils-dbgsym_1.0.25+git20150528-1ubuntu2.16.04.3_i386.ddeb cf5050b3bc0b59a4b16812f15cd4b20a 194526 graphics optional sane-utils_1.0.25+git20150528-1ubuntu2.16.04.3_i386.deb Original-Maintainer: Jörg Frings-Fürst