Package "libquicktime-dev"

Name:	libquicktime-dev
Description:	library for reading and writing Quicktime files (development)
Latest version:	2:1.2.4-7+deb8u1ubuntu0.1
Release:	xenial (16.04)
Level:	updates
Repository:	universe
Head package:	libquicktime
Homepage:	http://libquicktime.sourceforge.net/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "libquicktime-dev"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "libquicktime-dev" in Xenial

Repository	Area	Version
base	universe	2:1.2.4-7build3
security	universe	2:1.2.4-7+deb8u1ubuntu0.1

Changelog

Version: 2:1.2.4-7+deb8u1ubuntu0.1 2020-09-23 18:06:51 UTC

libquicktime (2:1.2.4-7+deb8u1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: DoS caused by infinite loop, heap-based buffer over-read/write, and null ptr dereference - debian/patches/CVE-2017-9122-9218.patch: Add some sanity checks and adjust integer types to avoid memory handling errors. - CVE-2017-9122 - CVE-2017-9123 - CVE-2017-9124 - CVE-2017-9125 - CVE-2017-9126 - CVE-2017-9127 - CVE-2017-9128 -- Mike Salvatore <email address hidden> Wed, 23 Sep 2020 09:02:05 -0400

Source diff to previous version

CVE-2017-9122	The quicktime_read_moov function in moov.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (infinite loop and CPU consumpt
CVE-2017-9123	The lqt_frame_duration function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (invalid memory read an
CVE-2017-9124	The quicktime_match_32 function in util.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (NULL pointer dereference and ap
CVE-2017-9125	The lqt_frame_duration function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer over
CVE-2017-9126	The quicktime_read_dref_table function in dref.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer overfl
CVE-2017-9127	The quicktime_user_atoms_read_atom function in useratoms.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buf
CVE-2017-9128	The quicktime_video_width function in lqt_quicktime.c in libquicktime 1.2.4 allows remote attackers to cause a denial of service (heap-based buffer o

Version: 2:1.2.4-7+deb8u1build0.16.04.1	2017-03-13 20:06:49 UTC
`libquicktime (2:1.2.4-7+deb8u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian`

About - Send Feedback to @ubuntu_updates

Package "libquicktime-dev"

Links

Download "libquicktime-dev"

Other versions of "libquicktime-dev" in Xenial

Changelog

Share this page

Bookmarks

Latest updates

updates

proposed

security

PPA updates