diff options
author | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2020-05-26 12:15:18 +0200 |
---|---|---|
committer | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2020-05-26 12:15:18 +0200 |
commit | c393b9b94c4718c86df08b26ec36a4a2ba4c34ad (patch) | |
tree | c085558d171157c60138c85a02a9d43e92d4b4e4 /NEWS | |
parent | 55a1f6d3b8dcb0493a112602ea277a706554efcd (diff) | |
parent | d2c6277fad9d31cde9499c4a34c0bb3e30efa509 (diff) |
Merge branch 'release/experimental/1.0.30-1_experimental1'experimental/1.0.30-1_experimental1
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 28 |
1 files changed, 27 insertions, 1 deletions
@@ -1,6 +1,31 @@ <!-- -*- Mode: markdown -*- --> -## New with 1.0.29 (upcoming release) +## New with 1.0.30 (released 2020-05-17) + +This release fixes several security related issues and a build issue. + +### Backends + +- `epson2`: fixes CVE-2020-12867 (GHSL-2020-075) and several memory + management issues found while addressing that CVE +- `epsonds`: addresses out-of-bound memory access issues to fix + CVE-2020-12862 (GHSL-2020-082) and CVE-2020-12863 (GHSL-2020-083), + addresses a buffer overflow fixing CVE-2020-12865 (GHSL-2020-084) + and disables network autodiscovery to mitigate CVE-2020-12866 + (GHSL-2020-079), CVE-2020-12861 (GHSL-2020-080) and CVE-2020-12864 + (GHSL-2020-081). Note that this backend does not support network + scanners to begin with. +- `magicolor`: fixes a floating point exception and uninitialized data + read +- fixes an overflow in `sanei_tcp_read()` + +### Build + +- fixes a build issue where linker flags would become link time + dependencies (#239) + + +## New with 1.0.29 (released 2020-02-02) ### Backends @@ -36,6 +61,7 @@ irrespective of the `pthread_t` type (#153) - moves the `genesys` and `pixma` backends to a directory of their own + ## New with 1.0.28 (released 2019-07-31) ### Backends |