Package: liblouis / 3.0.0-3+deb9u4

Metadata

Package Version Patches format
liblouis 3.0.0-3+deb9u4 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
CVE 2017 13738 and 2017 13744.patch | (download)

liblouis/compileTranslationTable.c | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 [patch] fix possible out-of-bounds write from a \ followed by
 multiple newlines

Fixes CVE-2017-13738 and CVE-2017-13744.
CVE 2017 13739 and 2017 13740 and 2017 13742.patch | (download)

liblouis/compileTranslationTable.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 [patch] resolvesubtable: fix buffer overflow parsing a malformed
 table

The subtable's name can theoretically be up to MAXSTRING characters long.
The base name is then copied into a buffer, and the subtable's name is
appended, so we should allocate more than MAXSTRING bytes for the buffer.

Fixes CVE-2017-13739, CVE-2017-13740, and CVE-2017-13742.

CVE 2017 13743.patch | (download)

liblouis/compileTranslationTable.c | 18 9 + 9 - 0 !
1 file changed, 9 insertions(+), 9 deletions(-)

---
CVE 2017 13741.patch | (download)

liblouis/compileTranslationTable.c | 89 67 + 22 - 0 !
1 file changed, 67 insertions(+), 22 deletions(-)

---
CVE 2017 13741 2.patch | (download)

liblouis/compileTranslationTable.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

---
cve 2018 11410 | (download)

liblouis/pattern.c | 6 4 + 2 - 0 !
1 file changed, 4 insertions(+), 2 deletions(-)

---
cve 2018 11440 | (download)

liblouis/compileTranslationTable.c | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

---
cve 2018 11577 | (download)

liblouis/compileTranslationTable.c | 16 15 + 1 - 0 !
1 file changed, 15 insertions(+), 1 deletion(-)

---
cve 2018 11683 | (download)

liblouis/compileTranslationTable.c | 6 3 + 3 - 0 !
tools/lou_translate.c | 12 5 + 7 - 0 !
2 files changed, 8 insertions(+), 10 deletions(-)

---
cve 2018 11684 | (download)

liblouis/compileTranslationTable.c | 7 5 + 2 - 0 !
1 file changed, 5 insertions(+), 2 deletions(-)

---
cve 2018 11685 | (download)

liblouis/compileTranslationTable.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
cve 2018 12085 | (download)

liblouis/compileTranslationTable.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---