Page MenuHomeSolus

Update sane-backends to 1.0.30

Authored by Girtablulu on May 21 2020, 2:31 PM.



Update sane-backends to 1.0.30

epson2: fixes CVE-2020-12867 (GHSL-2020-075) and several memory management issues found while addressing that CVE
epsonds: addresses out-of-bound memory access issues to fix CVE-2020-12862 (GHSL-2020-082) and CVE-2020-12863 (GHSL-2020-083), addresses a buffer overflow fixing CVE-2020-12865 (GHSL-2020-084)
and disables network autodiscovery to mitigate CVE-2020-12866 (GHSL-2020-079), CVE-2020-12861 (GHSL-2020-080) and CVE-2020-12864 (GHSL-2020-081). Note that this backend does not support network
scanners to begin with.
magicolor: fixes a floating point exception and uninitialized data read
fixes an overflow in sanei_tcp_read()

Test Plan

Rebuild everything, used libreoffice, scanned via simple-scan and print something on my HP printer

Diff Detail

R2843 sane-backends
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

Girtablulu created this revision.May 21 2020, 2:31 PM
Girtablulu requested review of this revision.May 21 2020, 2:31 PM
Girtablulu added a project: Restricted Project.May 21 2020, 2:31 PM
DataDrake accepted this revision.May 26 2020, 7:50 PM
DataDrake added a subscriber: DataDrake.

LGTM. Thanks!

This revision is now accepted and ready to land.May 26 2020, 7:50 PM
This revision was automatically updated to reflect the committed changes.