UbuntuUpdates.org

Package "djvuserve"

Name: djvuserve

Description:

CGI program for unbundling DjVu files on the fly

Latest version: 3.5.27.1-14ubuntu0.1
Release: focal (20.04)
Level: security
Repository: universe
Head package: djvulibre
Homepage: http://djvu.sourceforge.net/

Links


Download "djvuserve"


Other versions of "djvuserve" in Focal

Repository Area Version
base universe 3.5.27.1-14build1
updates universe 3.5.27.1-14ubuntu0.1

Changelog

Version: 3.5.27.1-14ubuntu0.1 2021-05-17 18:06:27 UTC

  djvulibre (3.5.27.1-14ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Stack overflow
    - debian/patches/CVE-2021-3500.patch: prevent recursion in
      libdjvu/DjVuPort.cpp, libdjvu/DjVuPort.h.
    - CVE-2021-3500
  * SECURITY UPDATE: Out of bounds write
    - debian/patches/CVE-2021-32490.patch: add checks to
      libdjvu/IW44Image.cpp.
    - CVE-2021-32490
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2021-32491.patch: check for overflow in
      tools/ddjvu.cpp.
    - CVE-2021-32491
  * SECURITY UPDATE: Out of bounds read
    - debian/patches/CVE-2021-32492.patch: check pool in
      libdjvu/DataPool.cpp.
    - CVE-2021-32492
  * SECURITY UPDATE: Heap buffer overflow
    - debian/patches/CVE-2021-32493.patch: check row size in
      libdjvu/GBitmap.cpp.
    - CVE-2021-32493
  * debian/patches: rename debian-changes to changes.patch to simplify
    maintenance.

 -- Marc Deslauriers <email address hidden> Mon, 17 May 2021 09:18:16 -0400




About   -   Send Feedback to @ubuntu_updates