diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 28 | 
1 files changed, 27 insertions, 1 deletions
| @@ -1,6 +1,31 @@  <!-- -*- Mode: markdown -*- --> -## New with 1.0.29 (upcoming release) +## New with 1.0.30 (released 2020-05-17) + +This release fixes several security related issues and a build issue. + +### Backends + +- `epson2`: fixes CVE-2020-12867 (GHSL-2020-075) and several memory +  management issues found while addressing that CVE +- `epsonds`: addresses out-of-bound memory access issues to fix +  CVE-2020-12862 (GHSL-2020-082) and CVE-2020-12863 (GHSL-2020-083), +  addresses a buffer overflow fixing CVE-2020-12865 (GHSL-2020-084) +  and disables network autodiscovery to mitigate CVE-2020-12866 +  (GHSL-2020-079), CVE-2020-12861 (GHSL-2020-080) and CVE-2020-12864 +  (GHSL-2020-081).  Note that this backend does not support network +  scanners to begin with. +- `magicolor`: fixes a floating point exception and uninitialized data +  read +- fixes an overflow in `sanei_tcp_read()` + +### Build + +- fixes a build issue where linker flags would become link time +  dependencies (#239) + + +## New with 1.0.29 (released 2020-02-02)  ### Backends @@ -36,6 +61,7 @@    irrespective of the `pthread_t` type (#153)  - moves the `genesys` and `pixma` backends to a directory of their own +  ## New with 1.0.28 (released 2019-07-31)  ### Backends | 
