Package: libebml | Debian Sources

Package: libebml / 1.3.0-2+deb8u1

Metadata

Package	Version	Patches format
libebml	1.3.0-2+deb8u1	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
CVE 2015 8789.patch \| (download)	src/EbmlMaster.cpp \| 21 18 + 3 - 0 ! 1 file changed, 18 insertions(+), 3 deletions(-)	cve-2015-8789 Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document. Reviewed by upstream: https://github.com/Matroska-Org/libebml/issues/14
CVE 2015 8791.patch \| (download)	src/EbmlElement.cpp \| 5 5 + 0 - 0 ! 1 file changed, 5 insertions(+)	cve-2015-8791 The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access.
CVE 2015 8790.patch \| (download)	src/EbmlUnicodeString.cpp \| 60 37 + 23 - 0 ! 1 file changed, 37 insertions(+), 23 deletions(-)	cve-2015-8790 The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access.

Patch

File delta

Description

CVE 2015 8789.patch | (download)

src/EbmlMaster.cpp | 21 18 + 3 - 0 !
1 file changed, 18 insertions(+), 3 deletions(-)

 cve-2015-8789

Use-after-free vulnerability in the EbmlMaster::Read function in libEBML
before 1.3.3 allows context-dependent attackers to have unspecified impact
via a "deeply nested element with infinite size" followed by another
element of an upper level in an EBML document.

Reviewed by upstream: https://github.com/Matroska-Org/libebml/issues/14

CVE 2015 8791.patch | (download)

src/EbmlElement.cpp | 5 5 + 0 - 0 !
1 file changed, 5 insertions(+)

 cve-2015-8791

The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows
context-dependent attackers to obtain sensitive information from process heap
memory via a crafted length value in an EBML id, which triggers an invalid
memory access.

CVE 2015 8790.patch | (download)

src/EbmlUnicodeString.cpp | 60 37 + 23 - 0 !
1 file changed, 37 insertions(+), 23 deletions(-)

 cve-2015-8790

The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows
context-dependent attackers to obtain sensitive information from process heap
memory via a crafted UTF-8 string, which triggers an invalid memory access.