Format: 1.8 Date: Wed, 06 Apr 2022 15:13:58 +1000 Source: fribidi Binary: libfribidi-bin libfribidi-dev libfribidi0 libfribidi0-udeb Architecture: riscv64 Version: 1.0.8-2ubuntu0.1 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Ray Veldkamp Description: libfribidi-bin - Free Implementation of the Unicode BiDi algorithm (utility) libfribidi-dev - Development files for FreeBidi library libfribidi0 - Free Implementation of the Unicode BiDi algorithm libfribidi0-udeb - Free Implementation of the Unicode BiDi algorithm (udeb) Changes: fribidi (1.0.8-2ubuntu0.1) focal-security; urgency=medium . * SECURITY UPDATE: Incorrect length checking in processing of line input could result in a stack buffer overflow, resulting in a crash or potential code execution. - debian/patches/CVE-2022-25308.patch: add checking to length of string buffer before processing in bin/fribidi-main.c - CVE-2022-25308 . * SECURITY UPDATE: Insufficient sanitization of input data to the CapRTL encoder could result in a heap buffer overflow, resulting in a crash or potential code execution. - debian/patches/CVE-2022-25309.patch: add checking and removal of dangerous characters before encoding stage, in lib/fribidi-char-sets-cap-rtl.c - CVE-2022-25309 . * SECURITY UPDATE: Incorrect handling of string pointer can result in a crash in fribidi_remove_bidi_marks(). - debian/patches/CVE-2022-25310.patch: add checking for NULL strings, to avoid potential use-after-free in lib/fribidi.c - CVE-2022-25310 Checksums-Sha1: ec9d0c1669e1b47add4881e7e6dca3c419c50d82 6485 fribidi_1.0.8-2ubuntu0.1_riscv64.buildinfo ede0d2030a57e2f05cf655f8005ddaa397c4dd96 2936 libfribidi-bin-dbgsym_1.0.8-2ubuntu0.1_riscv64.ddeb 17791c7509f784fe11d9ebd060370d81dedf9d3a 9192 libfribidi-bin_1.0.8-2ubuntu0.1_riscv64.deb a908a0bd87cd1818b8c8e38d3a4caa30915f1d19 67880 libfribidi-dev_1.0.8-2ubuntu0.1_riscv64.deb 8e9ce89b429318487010e45080099fdfd4b0ca70 3460 libfribidi0-dbgsym_1.0.8-2ubuntu0.1_riscv64.ddeb f84af84d403f1f36ff30b26e83f0aff7ea2e6382 16960 libfribidi0-udeb_1.0.8-2ubuntu0.1_riscv64.udeb 91825897e878f4dafaa0f9bd89790cee8c6909cd 24276 libfribidi0_1.0.8-2ubuntu0.1_riscv64.deb Checksums-Sha256: 75d8034b0f78e88d8fb5f0d7bfc1f003ff0d49697a3e63f8ae2869f924fce6df 6485 fribidi_1.0.8-2ubuntu0.1_riscv64.buildinfo 98b0c25b6f3bde21683c7035bffeaefefac00079e1dfa6bbf1701c212b59078b 2936 libfribidi-bin-dbgsym_1.0.8-2ubuntu0.1_riscv64.ddeb 5ba680946817ef05cc35983a50c6f6f2d8d7fd76f8e0ba4b31efa2b5d9c9851a 9192 libfribidi-bin_1.0.8-2ubuntu0.1_riscv64.deb e5d0b54ff799d71e5dfa958e8a229ecb1bf7d2b59c3d799baf1efccd86b24725 67880 libfribidi-dev_1.0.8-2ubuntu0.1_riscv64.deb a0a2a383d0616abc41d356283875b1c3086afe45ecdd906933dd0219a3b90dc6 3460 libfribidi0-dbgsym_1.0.8-2ubuntu0.1_riscv64.ddeb 73035c4293ae2e4c5a63b1cc4f5f61d833af6f6bf845a7dff8cdbccbf076fe0b 16960 libfribidi0-udeb_1.0.8-2ubuntu0.1_riscv64.udeb abea3555e1841f6c025647e0c17fdceff4146c48b6fc4d310df01d97f230e8a8 24276 libfribidi0_1.0.8-2ubuntu0.1_riscv64.deb Files: 1d38c8db7502b158a736ff55b8bb5a81 6485 libs optional fribidi_1.0.8-2ubuntu0.1_riscv64.buildinfo 3c1762ff4ed6309e2f634dddaacee5b1 2936 debug optional libfribidi-bin-dbgsym_1.0.8-2ubuntu0.1_riscv64.ddeb b21d9baf5836a319c5bc99158e2e2409 9192 utils optional libfribidi-bin_1.0.8-2ubuntu0.1_riscv64.deb 2da56eb155b3c753c9b13735b2093f56 67880 libdevel optional libfribidi-dev_1.0.8-2ubuntu0.1_riscv64.deb c88032d6e84d3a10f0da875166d74192 3460 debug optional libfribidi0-dbgsym_1.0.8-2ubuntu0.1_riscv64.ddeb 5d1024af1f1d17d3484e3e835cce6569 16960 debian-installer optional libfribidi0-udeb_1.0.8-2ubuntu0.1_riscv64.udeb 67aaf5357e3704583d2ffbb8e1f8653c 24276 libs optional libfribidi0_1.0.8-2ubuntu0.1_riscv64.deb Original-Maintainer: Debian Hebrew Packaging Team