Package "liblouis20"
Name: |
liblouis20
|
Description: |
Braille translation library - shared libs
|
Latest version: |
3.20.0-2ubuntu0.2 |
Release: |
jammy (22.04) |
Level: |
security |
Repository: |
main |
Head package: |
liblouis |
Homepage: |
http://liblouis.org/ |
Links
Download "liblouis20"
Other versions of "liblouis20" in Jammy
Changelog
liblouis (3.20.0-2ubuntu0.2) jammy-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2023-26767.patch: check the length
of path before copying indo dataPath in
liblouis/compileTranslationTable.c, liblouis/liblouis.h.in.
- CVE-2023-26767
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2023-26768-1.patch: check filename before
coping to initialLogFileName in liblouis/logging.c.
- debian/patches/CVE-2023-26768-2.patch: replace the magic
number with a define in liblouis/logging.c.
- CVE-2023-26768
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2023-26769-1.patch: check path length
before coping into tableFile in liblouis/compileTranslationTable.c.
- debian/patches/CVE-2023-26769-2.patch: fix format in
liblouis/compileTranslationTable.c.
- debian/patches/CVE-2023-26769-3.patch: add parentheses for
define expression in liblouis/compileTranslationTable.c.
- CVE-2023-26769
-- Leonidas Da Silva Barbosa <email address hidden> Fri, 17 Mar 2023 15:16:23 -0300
|
Source diff to previous version |
CVE-2023-26767 |
Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the lou_logFile function at loggin |
CVE-2023-26768 |
Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the compileTranslationTable.c and |
CVE-2023-26769 |
Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable func |
|
liblouis (3.20.0-2ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2022-26981.patch: prevent writing
past CharString memory in compilePassOpcode in
liblouis/compileTranslationTable.c.
- CVE-2022-26981
* SECURITY UPDATE: Out-of-bounds
- debian/patches/CVE-2022-31783.patch: prevent an invalid
memory writes in compileRule in liblouis/compileTranslationTable.c.
- CVE-2022-31783
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 01 Jun 2022 13:30:50 -0300
|
CVE-2022-26981 |
Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c). |
CVE-2022-31783 |
Liblouis 3.21.0 has an out-of-bounds write in compileRule in compileTranslationTable.c, as demonstrated by lou_trace. |
|
About
-
Send Feedback to @ubuntu_updates