diff options
author | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2020-05-23 09:51:36 +0200 |
---|---|---|
committer | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2020-05-23 09:51:36 +0200 |
commit | 9c23ed018d72eed2554f4f9cff1ae6e6bb0cd479 (patch) | |
tree | 341ed14001deb0670a2b98b72039885c9a204dcf /NEWS | |
parent | ffa8801644a7d53cc1c785e3450f794c07a14eb0 (diff) |
New upstream version 1.0.30upstream/1.0.30
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 28 |
1 files changed, 27 insertions, 1 deletions
@@ -1,6 +1,31 @@ <!-- -*- Mode: markdown -*- --> -## New with 1.0.29 (upcoming release) +## New with 1.0.30 (released 2020-05-17) + +This release fixes several security related issues and a build issue. + +### Backends + +- `epson2`: fixes CVE-2020-12867 (GHSL-2020-075) and several memory + management issues found while addressing that CVE +- `epsonds`: addresses out-of-bound memory access issues to fix + CVE-2020-12862 (GHSL-2020-082) and CVE-2020-12863 (GHSL-2020-083), + addresses a buffer overflow fixing CVE-2020-12865 (GHSL-2020-084) + and disables network autodiscovery to mitigate CVE-2020-12866 + (GHSL-2020-079), CVE-2020-12861 (GHSL-2020-080) and CVE-2020-12864 + (GHSL-2020-081). Note that this backend does not support network + scanners to begin with. +- `magicolor`: fixes a floating point exception and uninitialized data + read +- fixes an overflow in `sanei_tcp_read()` + +### Build + +- fixes a build issue where linker flags would become link time + dependencies (#239) + + +## New with 1.0.29 (released 2020-02-02) ### Backends @@ -36,6 +61,7 @@ irrespective of the `pthread_t` type (#153) - moves the `genesys` and `pixma` backends to a directory of their own + ## New with 1.0.28 (released 2019-07-31) ### Backends |