Package "libudf0"

Name:	libudf0
Description:	library to work with UDF filesystems
Latest version:	2.0.0-2ubuntu0.2
Release:	focal (20.04)
Level:	security
Repository:	main
Head package:	libcdio
Homepage:	http://www.gnu.org/software/libcdio/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "libudf0"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "libudf0" in Focal

Repository	Area	Version
base	main	2.0.0-2
updates	main	2.0.0-2ubuntu0.2
PPA: Xbmc		2.1.0-2.1~focal

Changelog

Version: 2.0.0-2ubuntu0.2 2024-07-01 01:07:05 UTC

libcdio (2.0.0-2ubuntu0.2) focal-security; urgency=medium * SECURITY UPDATE: buffer overflow - debian/patches/CVE-2024-36600-1.patch: Allocates space for growth and additional buffer in lib/iso9660/rock.c - debian/patches/CVE-2024-36600-2.patch: Limits the maximum read count to prevent an overflow in lib/driver/_cdio_stdio.c - debian/patches/CVE-2024-36600-3.patch: Adds input validation to unicode16_decode function in lib/udf/udf_fs.c - debian/patches/CVE-2024-36600-4.patch: Adds bounds checking for directory buffer size and total size calculation in lib/iso9660/iso9660_fs.c - debian/patches/CVE-2024-36600-5.patch: Fixes overflow in iso9660 dir read (32-bit) in lib/iso9660/iso9660_fs.c - debian/patches/CVE-2024-36600-6.patch: Checks the validity of i_extended_attr member in udf_get_lba() in lib/udf/udf_fs.c - debian/patches/CVE-2024-36600-7.patch: Adds 32-bit size test only when needed in lib/iso9660/iso9660_fs.c - CVE-2024-36600 -- Bruce Cable <email address hidden> Mon, 24 Jun 2024 16:01:37 +1000

CVE-2024-36600

Buffer Overflow Vulnerability in libcdio v2.1.0 allows an attacker to execute arbitrary code via a crafted ISO 9660 image file.

About - Send Feedback to @ubuntu_updates

Package "libudf0"

Links

Download "libudf0"

Other versions of "libudf0" in Focal

Changelog

Share this page

Bookmarks

Latest updates

proposed

updates

PPA updates