UbuntuUpdates.org

Package "libde265"

Name: libde265

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Open H.265 video codec implementation
  • Open H.265 video codec implementation - development files
  • Open H.265 video codec implementation - examples
Latest version: 1.0.4-1ubuntu0.4
Release: focal (20.04)
Level: security
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "libde265" in Focal

Repository Area Version
base universe 1.0.4-1build1
updates universe 1.0.4-1ubuntu0.4

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.0.4-1ubuntu0.4 2024-03-05 20:06:52 UTC

  libde265 (1.0.4-1ubuntu0.4) focal-security; urgency=medium

  * SECURITY UPDATE: denial-of-service
    - debian/patches/CVE-2023-27102.patch: check whether referenced
      PPS exists.
    - CVE-2023-27102
  * SECURITY UPDATE: heap-buffer-overflow
    - debian/patches/CVE-2023-27103.patch: check for valid slice
      header index access.
    - CVE-2023-27103
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2023-43887.patch: fix buffer overflow via the
      num_tile_columns and num_tile_row parameters in the function
      pic_parameter_set::dump.
    - CVE-2023-43887
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2023-47471.patch: check for null-pointer in
      functon slice_segment_header::dump_slice_segment_header.
    - CVE-2023-47471
  * SECURITY UPDATE: heap-buffer-overflow
    - debian/patches/CVE-2023-49465.patch: fix buffer overflow via the
      derive_spatial_luma_vector_prediction function.
    - CVE-2023-49465
  * SECURITY UPDATE: heap-buffer-overflow
    - debian/patches/CVE-2023-49467.patch: prevent endless loop in
      decode_ref_idx_lX function when numRefIdxLXActive is invalid.
    - CVE-2023-49467
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2023-49468.patch: sanitize values if IPM is
      uninitialized in get_IntraPredMode function.
    - CVE-2023-49468

 -- Fabian Toepfer <email address hidden> Fri, 01 Mar 2024 10:52:18 +0100
Source diff to previous version
CVE-2023-27102 Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decoder_context::process_slice_segment_header at decctx.cc.
CVE-2023-27103 Libde265 v1.0.11 was discovered to contain a heap buffer overflow via the function derive_collocated_motion_vectors at motion.cc.
CVE-2023-43887 Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_paramet
CVE-2023-47471 Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header funct
CVE-2023-49465 Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function at motion.cc.
CVE-2023-49467 Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vulnerability in the derive_combined_bipredictive_merging_candidates function at mo
CVE-2023-49468 Libde265 v1.0.14 was discovered to contain a global buffer overflow vulnerability in the read_coding_unit function at slice.cc.

Version: 1.0.4-1ubuntu0.3 2024-02-26 21:06:47 UTC

  libde265 (1.0.4-1ubuntu0.3) focal-security; urgency=medium

  * SECURITY UPDATE: read-out-of-bounds
    - debian/patches/CVE-2022-43245.patch: fix illegal table access
      when input pixel is out of range.
    - CVE-2022-43245
  * SECURITY UPDATE: heap-buffer-overflow
    - debian/patches/CVE-2022-43249.patch: checking in MC whether
      bit-depths match.
    - CVE-2022-43244
    - CVE-2022-43249
    - CVE-2022-43250
  * SECURITY UPDATE: heap-buffer-overflow
    - debian/patches/CVE-2022-47665.patch: image's ctb_info has to be
      reallocated also when dimensions change even if total number of
      CTBs stays the same.
    - CVE-2022-47665
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2023-24751.patch: another MC fix for
      monochroma images.
    - CVE-2023-24751
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2023-24752.patch: another MC fix for
      monochroma images.
    - CVE-2023-24752
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2023-24754.patch: fix for monochrome MC.
    - CVE-2023-24754
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2023-24755.patch: fix for monochrome MC.
    - CVE-2023-24755
    - CVE-2023-24756
    - CVE-2023-24757
    - CVE-2023-24758
  * SECURITY UPDATE: heap-buffer-overflow
    - debian/patches/CVE-2023-25221.patch: check for invalid refIdx.
    - CVE-2023-25221
  * Add patches:
    - d/p/check-for-negative-q-values-in-invalid-input-streams.patch

 -- Fabian Toepfer <email address hidden> Wed, 14 Feb 2024 20:39:49 +0100
Source diff to previous version
CVE-2022-43245 Libde265 v1.0.8 was discovered to contain a segmentation violation via apply_sao_internal<unsigned short> in sao.cc. This vulnerability allows attack
CVE-2022-43249 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback<unsigned short> in fallback-motion.cc. This v
CVE-2022-43244 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vuln
CVE-2022-43250 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This vulnerability
CVE-2022-47665 Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image::set_SliceAddrRS(int, int, int)
CVE-2023-24751 libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. This vulnerability allows attackers to
CVE-2023-24752 libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. This vulne
CVE-2023-24754 libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vuln
CVE-2023-24755 libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc. This vulner
CVE-2023-24756 libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc. This vulner
CVE-2023-24757 libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_unweighted_pred_16_fallback function at fallback-motion.cc. This vul
CVE-2023-24758 libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vuln
CVE-2023-25221 Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function in motion.cc.

Version: 1.0.4-1ubuntu0.2 2024-02-08 16:06:47 UTC

  libde265 (1.0.4-1ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: denial-of-service
    - debian/patches/CVE-2021-35452.patch: fix check for valid PPS idx.
    - CVE-2021-35452
  * SECURITY UPDATE: heap-buffer-overflow
    - debian/patches/CVE-2021-36409.patch: fix assertion when reading
      invalid scaling_list.
    - CVE-2021-36409
  * SECURITY UPDATE: stack-buffer-overflow
    - debian/patches/CVE-2021-36410.patch: fix MC with HDR chroma, but
      SDR luma.
    - CVE-2021-36410
  * SECURITY UPDATE: read-out-of-bounds
    - debian/patches/CVE-2021-36411.patch: fix reading invalid images
      where shdr references are NULL in part of the image.
    - CVE-2021-36411
  * SECURITY UPDATE: stack-buffer-overflow
    - debian/patches/CVE-2022-43236.patch: check that image bit-depth
      matches SPS bit depth.
    - CVE-2022-43235
    - CVE-2022-43236
    - CVE-2022-43248
    - CVE-2022-43253
  * SECURITY UPDATE: stack-buffer-overflow
    - debian/patches/CVE-2022-43237.patch: check that image chroma
      format matches the SPS chroma format.
    - CVE-2022-43237
    - CVE-2022-43243
    - CVE-2022-43252
  * SECURITY UPDATE: read-out-of-bounds
    - debian/patches/CVE-2022-43238.patch: check that image size
      matches sps.
    - CVE-2022-43238
    - CVE-2022-43239
    - CVE-2022-43240
    - CVE-2022-43241
    - CVE-2022-43242
  * Add d/p/fix-invalid-memory-access-after-unavailable-reference-frame-insertion.patch

 -- Fabian Toepfer <email address hidden> Tue, 06 Feb 2024 16:51:20 +0100
Source diff to previous version
CVE-2021-35452 An Incorrect Access Control vulnerability exists in libde265 v1.0.8 due to a SEGV in slice.cc.
CVE-2021-36409 There is an Assertion `scaling_list_pred_matrix_id_delta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to ca
CVE-2021-36410 A stack-buffer-overflow exists in libde265 v1.0.8 via fallback-motion.cc in function put_epel_hv_fallback when running program dec265.
CVE-2021-36411 An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function derive_boundaryStrength
CVE-2022-43236 Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vul
CVE-2022-43235 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in sse-motion.cc. This vulnerab
CVE-2022-43248 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc. This vuln
CVE-2022-43253 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_unweighted_pred_16_fallback in fallback-motion.cc. This vulner
CVE-2022-43237 Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void put_epel_hv_fallback<unsigned short> in fallback-motion.cc.
CVE-2022-43243 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_weighted_pred_avg_8_sse in sse-motion.cc. This vulnera
CVE-2022-43252 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_16_fallback in fallback-motion.cc. This vulnerability all
CVE-2022-43238 Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_h_3_v_3_sse in sse-motion.cc. This vulnerability allows attacker
CVE-2022-43239 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_chroma<unsigned short> in motion.cc. This vulnerability allows
CVE-2022-43240 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_qpel_h_2_v_1_sse in sse-motion.cc. This vulnerabi
CVE-2022-43241 Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_v_3_8_sse in sse-motion.cc. This vulnerability allows attackers
CVE-2022-43242 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_luma<unsigned char> in motion.cc. This vulnerability allows att

Version: 1.0.4-1ubuntu0.1 2024-01-30 17:08:22 UTC

  libde265 (1.0.4-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: buffer overflow vulnerability
    - debian/patches/CVE-2020-21596.patch: initialize newly created
      CABAC model table.
    - CVE-2020-21596
  * SECURITY UPDATE: heap buffer overflow vulnerability
    - debian/patches/CVE-2020-21605.patch: return error when PCM bits
      parameter exceeds pixel depth.
    - CVE-2020-21595
    - CVE-2020-21599
    - CVE-2020-21600
    - CVE-2020-21601
    - CVE-2020-21602
    - CVE-2020-21603
    - CVE-2020-21604
    - CVE-2020-21605
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2021-36408: fix streams where SPS image
      size changes without refreshing PPS.
    - CVE-2020-21597
    - CVE-2020-21598
    - CVE-2020-21606
    - CVE-2021-36408

 -- Fabian Toepfer <email address hidden> Fri, 26 Jan 2024 20:57:57 +0100
CVE-2020-21596 libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted a file.
CVE-2020-21605 libde265 v1.0.4 contains a segmentation fault in the apply_sao_internal function, which can be exploited via a crafted a file.
CVE-2020-21595 libde265 v1.0.4 contains a heap buffer overflow in the mc_luma function, which can be exploited via a crafted a file.
CVE-2020-21599 libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted a file.
CVE-2020-21600 libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited via a crafted a file.
CVE-2020-21601 libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallback function, which can be exploited via a crafted a file.
CVE-2020-21602 libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted a file.
CVE-2020-21603 libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fallback_16 function, which can be exploited via a crafted a file.
CVE-2020-21604 libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl_epi64 function, which can be exploited via a crafted a file.
CVE-2021-36408 An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-free in intrapred.h when decoding file using dec265.
CVE-2020-21597 libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a file.
CVE-2020-21598 libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file.
CVE-2020-21606 libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_16_fallback function, which can be exploited via a crafted a file.


About   -   Send Feedback to @ubuntu_updates