Information on source package libplist

Available versions

ReleaseVersion
wheezy1.8-1
wheezy (security)1.8-1+deb7u3
jessie1.11-3
stretch1.12+git+1+e37ca00-0.3
buster1.12+git+1+e37ca00-0.3
sid1.12+git+1+e37ca00-0.3

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-7982vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedInteger overflow in the plist_from_bin function in bplist.c in ...
CVE-2017-6440fixedvulnerable (no DSA)fixedfixedfixedThe parse_data_node function in bplist.c in libimobiledevice libplist ...
CVE-2017-6439fixedvulnerable (no DSA)fixedfixedfixedHeap-based buffer overflow in the parse_string_node function in ...
CVE-2017-6438fixedvulnerable (no DSA)fixedfixedfixedHeap-based buffer overflow in the parse_unicode_node function in ...
CVE-2017-6437fixedvulnerable (no DSA)fixedfixedfixedThe base64encode function in base64.c in libimobiledevice libplist ...
CVE-2017-6436fixedvulnerable (no DSA)fixedfixedfixedThe parse_string_node function in bplist.c in libimobiledevice ...
CVE-2017-6435fixedvulnerable (no DSA)fixedfixedfixedThe parse_string_node function in bplist.c in libimobiledevice ...
CVE-2017-5836vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe plist_free_data function in plist.c in libplist allows attackers ...
CVE-2017-5835fixedvulnerable (no DSA)fixedfixedfixedlibplist allows attackers to cause a denial of service (large memory ...
CVE-2017-5834fixedvulnerable (no DSA)fixedfixedfixedThe parse_dict_node function in bplist.c in libplist allows attackers ...
CVE-2017-5545fixedvulnerable (no DSA)fixedfixedfixedThe main function in plistutil.c in libimobiledevice libplist through ...
CVE-2017-5209fixedvulnerable (no DSA)fixedfixedfixedThe base64decode function in base64.c in libimobiledevice libplist ...

Security announcements

DSA / DLADescription
DLA-870-1libplist - security update
DLA-840-1libplist - security update
DLA-811-1libplist - security update

Search for package or bug name: Reporting problems