Univention Bugzilla – Bug 56948
libde265: Multiple issues (5.0)
Last modified: 2024-01-03 11:26:35 CET
New Debian libde265 1.0.11-0+deb10u6 fixes: This update addresses the following issues: 1.0.11-0+deb10u6 (Fri, 29 Dec 2023 23:03:02 +0100) * Non-maintainer upload by the LTS Team. * CVE-2023-49465 heap-buffer-overflow in derive_spatial_luma_vector_prediction() * CVE-2023-49467 heap-buffer-overflow in derive_combined_bipredictive_merging_candidates() * CVE-2023-49468 global buffer overflow in read_coding_unit()
--- mirror/ftp/pool/main/libd/libde265/libde265_1.0.11-0+deb10u5.dsc +++ apt/ucs_5.0-0-errata5.0-6/source/libde265_1.0.11-0+deb10u6.dsc @@ -1,3 +1,13 @@ +1.0.11-0+deb10u6 [Fri, 29 Dec 2023 23:03:02 +0100] Thorsten Alteholz <debian@alteholz.de>: + + * Non-maintainer upload by the LTS Team. + * CVE-2023-49465 + heap-buffer-overflow in derive_spatial_luma_vector_prediction() + * CVE-2023-49467 + heap-buffer-overflow in derive_combined_bipredictive_merging_candidates() + * CVE-2023-49468 + global buffer overflow in read_coding_unit() + 1.0.11-0+deb10u5 [Thu, 30 Nov 2023 17:31:53 +0100] Anton Gladky <gladk@debian.org>: * Non-maintainer upload by the LTS Security Team. <http://piuparts.knut.univention.de/5.0-6/#7139606354197455318>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-6] 661be63264 Bug #56948: libde265 1.0.11-0+deb10u6 doc/errata/staging/libde265.yaml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) [5.0-6] c7a504065b Bug #56948: libde265 1.0.11-0+deb10u6 doc/errata/staging/libde265.yaml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x907>