-
liblouis (3.5.0-1ubuntu0.5) bionic-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2023-26767.patch: check the length
of path before copying indo dataPath in
liblouis/compileTranslationTable.c, liblouis/liblouis.h.in.
- CVE-2023-26767
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2023-26768-1.patch: check filename before
coping to initialLogFileName in liblouis/logging.c.
- debian/patches/CVE-2023-26768-2.patch: replace the magic
number with a define in liblouis/logging.c.
- CVE-2023-26768
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2023-26769-1.patch: check path length
before coping into tableFile in liblouis/compileTranslationTable.c.
- debian/patches/CVE-2023-26769-2.patch: fix format in
liblouis/compileTranslationTable.c.
- debian/patches/CVE-2023-26769-3.patch: add parentheses for
define expression in liblouis/compileTranslationTable.c.
- CVE-2023-26769
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 27 Mar 2023 09:13:06 -0300
-
liblouis (3.5.0-1ubuntu0.4) bionic-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds
- debian/patches/CVE-2022-31783.patch: prevent an invalid
memory writes in compileRule in liblouis/compileTranslationTable.c.
- CVE-2022-31783
-- Leonidas Da Silva Barbosa <email address hidden> Thu, 09 Jun 2022 10:37:45 -0300
-
liblouis (3.5.0-1ubuntu0.3) bionic-security; urgency=medium
* SECURITY UPDATE: Stack-based buffer overflow
- debian/patches/CVE-2018-12085.patch: fix in
liblouis/compileTranslationTable.c.
- CVE-2018-12085
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-17294.patch: fix in
liblouis/lou_translateString.c
- CVE-2018-17294
-- <email address hidden> (Leonidas S. Barbosa) Tue, 02 Oct 2018 11:13:18 -0300
-
liblouis (3.5.0-1ubuntu0.2) bionic-security; urgency=medium
* SECURITY UPDATE: Stack-based buffer overflow
- debian/patches/CVE-2018-11683.patch: fix in
liblouis/compileTranslationTable.c, tools/lou_translate.c.
- CVE-2018-11683
* SECURITY UPDATE: Stack-based buffer overflow
- debian/patches/CVE-2018-11684.patch: fix in
liblouis/compileTranslationTable.c.
- CVE-2018-11684
* SECURITY UPDATE: Stack-based buffer overflow
- debian/patches/CVE-2018-11685.patch: fix in
liblouis/compileTranslationTable.c.
- CVE-2018-11685
-- <email address hidden> (Leonidas S. Barbosa) Tue, 05 Jun 2018 14:46:53 -0300
-
liblouis (3.5.0-1ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-11410.patch: fix in liblouis/pattern.c.
- CVE-2018-11410
* SECURITY UPDATE: Stack-based buffer overflow
- debian/patches/CVE-2018-11440.patch: fix in table parsing
liblouis/compileTranslationTable.c.
- CVE-2018-11440
* SECURITY UPDATE: Buffer overflow in braille table parser
- debian/patches/CVE-2018-11577.patch: fix in
liblouis/compileTranslationTable.c.
- CVE-2018-11577
-- <email address hidden> (Leonidas S. Barbosa) Mon, 04 Jun 2018 12:57:43 -0300
-
liblouis (3.5.0-1) unstable; urgency=medium
* New upstream release.
-- Samuel Thibault <email address hidden> Sun, 11 Mar 2018 14:41:16 +0100
-
liblouis (3.4.1-1) unstable; urgency=medium
* New upstream release.
* control: Bump Standards-Version to 4.1.1 (no changes).
-- Samuel Thibault <email address hidden> Fri, 29 Sep 2017 01:01:51 +0200
-
liblouis (3.3.0-1) unstable; urgency=medium
* New upstream release (Closes: Bug#874302).
- rename liblouis12 to liblouis14 according to soname bump.
* Use canonical anonscm vcs URL.
* control: Update maintainer mailing list.
* control: Migrate priority to optional.
* control: Bump Standards-Version to 4.1.0.
-- Samuel Thibault <email address hidden> Fri, 08 Sep 2017 01:01:17 +0200
-
liblouis (3.0.0-3ubuntu1) artful; urgency=medium
* SECURITY UPDATE: Illegal address access in getALine
- debian/patches/CVE-2017-13738-and-2017-13744.patch: fix
possible out-of-bounds write in liblouis/compileTranslationTable.c.
- CVE-2017-13738
- CVE-2017-13744
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2017-13739-and-2017-13740-and-2017-13742.patch:
fix buffer overflow parsing malformed table in
liblouis/compilerTranslationTable.c.
- CVE-2017-13739
- CVE-2017-13740
- CVE-2017-13742
-- <email address hidden> (Leonidas S. Barbosa) Mon, 04 Sep 2017 10:08:02 -0300
