Univention Bugzilla – Bug 54006
jbig2dec: Multiple issues (4.4)
Last modified: 2021-11-03 16:43:45 CET
New Debian jbig2dec 0.13-4.1+deb9u1 fixes:

This update addresses the following issues:
* Null pointer dereference in jbig2_huffman_get() (CVE-2017-9216)
* heap-based buffer overflow in jbig2_image_compose in jbig2_image.c (CVE-2020-12268)
--- mirror/ftp/4.3/unmaintained/4.3-0/source/jbig2dec_0.13-4.1.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/jbig2dec_0.13-4.1+deb9u1.dsc @@ -1,3 +1,12 @@ +0.13-4.1+deb9u1 [Sun, 24 Oct 2021 19:03:02 +0200] Thorsten Alteholz <debian@alteholz.de>: + + * Team upload (printing and LTS) + * CVE-2020-12268 + avoid overflow with extreme values of x,y,w,h in function + jbig2_image_compose() + * CVE-2017-9216 + avoid NULL pointer dereference in function jbig2_huffman_get() + 0.13-4.1 [Tue, 16 May 2017 20:08:21 +0200] Salvatore Bonaccorso <carnil@debian.org>: * Non-maintainer upload. <http://piuparts.knut.univention.de/4.4-8/#7033171201908978599>
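Review bot: The two CVE entries in the added 0.13-4.1+deb9u1 block name only the affected functions (jbig2_image_compose() and jbig2_huffman_get()) and give no patch file name, upstream commit or bug reference, so the changelog alone does not let a reader confirm which change closes which CVE. Consider adding that reference under each CVE line. The CVE-2020-12268 entry would also be easier to audit if it said which check on x, y, w, h was added rather than only "avoid overflow with extreme values".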
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.4-8] ff71f08859 Bug #54006: jbig2dec 0.13-4.1+deb9u1
 doc/errata/staging/jbig2dec.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

[4.4-8] 01129b1d41 Bug #54006: jbig2dec 0.13-4.1+deb9u1
 doc/errata/staging/jbig2dec.yaml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x1083>