| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-Properly-set-perl-script-shebang.patch | Properly set perl script shebang | =?utf-8?q?G=C3=BCrkan_Myczko?= <gurkan@phys.ethz.ch> | no | 2019-07-25 | ||
| 0002-CVE-2023-40889-qrdec.c-Fix-array-out-of-bounds-acces.patch | CVE-2023-40889 qrdec.c: Fix array out-of-bounds access Fixes CVE-2023-40889 by ensuring the array access is within bounds when we trigger the exit condition (setting all loop variables to `_ncenters`). Patch sent upstream and slightly adapted by: Michael Vetter <jubalh@iodoru.org> |
Remi Meier <remi.meier@xorlab.com> | yes | debian upstream | https://github.com/Raemi/zbar/commit/5e8acc6974f17e56c3ddaa5509870beb8d7a599c.patch | 2023-11-28 |
| 0003-Add-bounds-check-for-CVE-2023-40890.patch | Add bounds check for CVE-2023-40890 Add a check to avoid exploitation of the CVE. [debian] do not hardcode size of array and return -1 in case of error, and return no symbol Patch sent upstream and slightly adapted by: Michael Vetter <jubalh@iodoru.org> |
Remi Meier <remi.meier@xorlab.com> | yes | debian upstream | https://github.com/mchehab/zbar/commit/d5857d3f7d0f5a243c517ee22762e1e3ddeb8db2 | 2023-10-19 |