Format: 1.8 Date: Wed, 06 Apr 2022 15:13:58 +1000 Source: fribidi Binary: libfribidi-bin libfribidi-dev libfribidi0 libfribidi0-udeb Architecture: s390x Version: 1.0.8-2ubuntu0.1 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Ray Veldkamp Description: libfribidi-bin - Free Implementation of the Unicode BiDi algorithm (utility) libfribidi-dev - Development files for FreeBidi library libfribidi0 - Free Implementation of the Unicode BiDi algorithm libfribidi0-udeb - Free Implementation of the Unicode BiDi algorithm (udeb) Changes: fribidi (1.0.8-2ubuntu0.1) focal-security; urgency=medium . * SECURITY UPDATE: Incorrect length checking in processing of line input could result in a stack buffer overflow, resulting in a crash or potential code execution. - debian/patches/CVE-2022-25308.patch: add checking to length of string buffer before processing in bin/fribidi-main.c - CVE-2022-25308 . * SECURITY UPDATE: Insufficient sanitization of input data to the CapRTL encoder could result in a heap buffer overflow, resulting in a crash or potential code execution. - debian/patches/CVE-2022-25309.patch: add checking and removal of dangerous characters before encoding stage, in lib/fribidi-char-sets-cap-rtl.c - CVE-2022-25309 . * SECURITY UPDATE: Incorrect handling of string pointer can result in a crash in fribidi_remove_bidi_marks(). - debian/patches/CVE-2022-25310.patch: add checking for NULL strings, to avoid potential use-after-free in lib/fribidi.c - CVE-2022-25310 Checksums-Sha1: 1fbcfd670dae81610545d103b801ac5c52b3e6b4 6596 fribidi_1.0.8-2ubuntu0.1_s390x.buildinfo c360e1507d3da2f5591ef4396f5c9f11755af75e 2824 libfribidi-bin-dbgsym_1.0.8-2ubuntu0.1_s390x.ddeb 3cb91e5da55a4c755ac37dbcf15009372e3a5699 9368 libfribidi-bin_1.0.8-2ubuntu0.1_s390x.deb 9f46fa5dc57efb5fd733a134e3c416cd08cfb9cc 63328 libfribidi-dev_1.0.8-2ubuntu0.1_s390x.deb 1bf00047100c6b9303d016ca254a1b6c5e7f18cf 3524 libfribidi0-dbgsym_1.0.8-2ubuntu0.1_s390x.ddeb 375ec6525c6831f9169b77e587a4d54dd70cec66 17720 libfribidi0-udeb_1.0.8-2ubuntu0.1_s390x.udeb acc3d628cf756a05415ac18e1c2a977198e08683 25040 libfribidi0_1.0.8-2ubuntu0.1_s390x.deb Checksums-Sha256: e923a57f1a1b0a556bd3edd1d1ce84011b53dbed71e964e228e0e05a7e3138a2 6596 fribidi_1.0.8-2ubuntu0.1_s390x.buildinfo 8a456e6332bf6f071d45cd41878f8d7150bcfb888f1e6051ede4e5b3249bdcde 2824 libfribidi-bin-dbgsym_1.0.8-2ubuntu0.1_s390x.ddeb bbabf0403161ba5cdeef4a2564709624de4756b7c21bb4128dc6b02860ff9955 9368 libfribidi-bin_1.0.8-2ubuntu0.1_s390x.deb 6d9ff079a7e79a61d9910a2f8a40d522a44eeadde45e4efd4449c0cfbe69eb7d 63328 libfribidi-dev_1.0.8-2ubuntu0.1_s390x.deb 6010757f7c035fa4892d357a95f76331aa9d74e1f425b10872abfc3d356d47de 3524 libfribidi0-dbgsym_1.0.8-2ubuntu0.1_s390x.ddeb b2f4bcdd38891c818432aa755a39fa5ff7b07ccf84863c7f2fb0714979a90415 17720 libfribidi0-udeb_1.0.8-2ubuntu0.1_s390x.udeb 682d86846a5b6af948b3beb29acee80c0c99e0d8ad43c74f1badc5847e7f0fab 25040 libfribidi0_1.0.8-2ubuntu0.1_s390x.deb Files: e2236aa76f13c7fc282105bb972ad3b7 6596 libs optional fribidi_1.0.8-2ubuntu0.1_s390x.buildinfo f28205ca511af6debb98c849cef1e81a 2824 debug optional libfribidi-bin-dbgsym_1.0.8-2ubuntu0.1_s390x.ddeb d8dce63c5037799b709c4f7e967218e8 9368 utils optional libfribidi-bin_1.0.8-2ubuntu0.1_s390x.deb f3d39dbf723b080a39c5459c141ff99b 63328 libdevel optional libfribidi-dev_1.0.8-2ubuntu0.1_s390x.deb 509492ed193d8abb92eb46050198d7e9 3524 debug optional libfribidi0-dbgsym_1.0.8-2ubuntu0.1_s390x.ddeb f19ef92c6a777c0d64459430eac89810 17720 debian-installer optional libfribidi0-udeb_1.0.8-2ubuntu0.1_s390x.udeb 3e058da87ab6c7e39b137d67b348aeeb 25040 libs optional libfribidi0_1.0.8-2ubuntu0.1_s390x.deb Original-Maintainer: Debian Hebrew Packaging Team