| Release | Version |
|---|---|
| jessie | 0.10.2-3+deb8u1 |
| stretch | 1:0.13.4-2 |
| buster | 1:0.14.0-2 |
| bullseye | 1:0.15.0-2 |
| bookworm | 1:0.17.1-1 |
| trixie | 1:0.17.3-1 |
| sid | 1:0.17.3-1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-26682 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | In libass 0.14.0, the `ass_outline_construct`'s call to `outline_strok ... |
| CVE-2020-24994 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | Stack overflow in the parse_tag function in libass/ass_parse.c in liba ... |
| Bug | Description |
|---|---|
| CVE-2020-36430 | libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode ... |
| CVE-2016-7972 | The check_allocations function in libass/ass_shaper.c in libass before ... |
| CVE-2016-7970 | Buffer overflow in the calc_coeff function in libass/ass_blur.c in lib ... |
| CVE-2016-7969 | The wrap_lines_smart function in ass_render.c in libass before 0.13.4 ... |
| DSA / DLA | Description |
|---|---|
| ELA-319-1 | libass - security update |
| DLA-668-1 | libass - security update |