[ubuntu/xenial-updates] p11-kit 0.23.2-5~ubuntu16.04.2 (Accepted)

Tue, 05 Jan 2021 09:34:36 -0800 

p11-kit (0.23.2-5~ubuntu16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: multiple integer overflows
    - debian/patches/CVE-2020-29361-1.patch: check for arithmetic overflows
      before allocating in p11-kit/iter.c, p11-kit/lists.c,
      p11-kit/proxy.c, p11-kit/rpc-message.c, p11-kit/rpc-message.h,
      p11-kit/rpc-server.c, trust/index.c.
    - debian/patches/CVE-2020-29361-2.patch: add reallocarray and follow-up
      to arithmetic overflow fix in common/compat.c, common/compat.h,
      p11-kit/rpc-message.c.
    - CVE-2020-29361
  * SECURITY UPDATE: heap over-read in the RPC protocol
    - debian/patches/CVE-2020-29362.patch: fix bounds check in
      p11-kit/rpc-message.c.
    - CVE-2020-29362

Date: 2021-01-04 19:43:12.706348+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
Signed-By: Ubuntu Archive Robot 
<cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/p11-kit/0.23.2-5~ubuntu16.04.2

Sorry, changesfile not available.
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

Reply via email to