Univention Bugzilla – Bug 53121
libebml: Multiple issues (4.4)
Last modified: 2021-04-21 16:56:59 CEST
New Debian libebml 1.3.4-1+deb9u2 fixes: This update addresses the following issue: * A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml. (CVE-2021-3405)
--- mirror/ftp/4.4/unmaintained/4.4-2/source/libebml_1.3.4-1+deb9u1.dsc +++ apt/ucs_4.4-0-errata4.4-7/source/libebml_1.3.4-1+deb9u2.dsc @@ -1,3 +1,9 @@ +1.3.4-1+deb9u2 [Sun, 18 Apr 2021 10:03:02 +0200] Thorsten Alteholz <debian@alteholz.de>: + + * Non-maintainer upload by the LTS Team. + * CVE-2021-3405 + heap overflow bug in several *:ReadData classes + 1.3.4-1+deb9u1 [Sun, 11 Aug 2019 22:09:57 +0200] Sebastian Ramacher <sramacher@debian.org>: * debian/patches: Apply upstream fixes for heap-based buffer over-reads. <http://piuparts.knut.univention.de/4.4-7/#7751664368567752213>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-7] 8c4fd91e03 Bug #53121: libebml 1.3.4-1+deb9u2 doc/errata/staging/libebml.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) [4.4-7] 0edeed04e6 Bug #53121: libebml 1.3.4-1+deb9u2 doc/errata/staging/libebml.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x959>