File _patchinfo of Package patchinfo.37834

<patchinfo incident="37834">
  <issue tracker="cve" id="2025-2177"/>
  <issue tracker="cve" id="2025-2173"/>
  <issue tracker="cve" id="2025-2176"/>
  <issue tracker="cve" id="2025-2175"/>
  <issue tracker="cve" id="2025-2174"/>
  <issue tracker="bnc" id="1239319">VUL-0: CVE-2025-2176: zvbi: Avoid integer overflow leading to heap overflow in src/conv.c, src/io-sim.c, src/search.c</issue>
  <issue tracker="bnc" id="1239312">VUL-0: CVE-2025-2175: zvbi: integer overflow in _vbi_strndup_iconv</issue>
  <issue tracker="bnc" id="1239299">VUL-0: CVE-2025-2174: zvbi: Avoid integer overflow leading to heap overflow in src/conv.c, src/io-sim.c, src/search.c</issue>
  <issue tracker="bnc" id="1239222">VUL-0: CVE-2025-2173: zvbi: src/conv.c: Check src_length to avoid an unitinialized heap read</issue>
  <issue tracker="bnc" id="1239320">VUL-0: CVE-2025-2177: zvbi: vulnerability affects the function vbi_search_new of the file src/search.c</issue>
  <packager>pgajdos</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for zvbi</summary>
  <description>This update for zvbi fixes the following issues:
  
  - CVE-2025-2173: Fixed check on src_length to avoid an unitinialized heap read (bsc#1239222).
  - CVE-2025-2174: Fixed integer overflow leading to heap overflow in src/conv.c, src/io-sim.c, src/search.c (bsc#1239299).
  - CVE-2025-2175: Fixed integer overflow in _vbi_strndup_iconv (bsc#1239312).
  - CVE-2025-2176: Fixed integer overflow in function vbi_capture_sim_load_caption in src/io-sim.c (bsc#1239319).
  - CVE-2025-2177: Fixed integer overflow in function vbi_search_new in src/search.c (bsc#1239320).
</description>
</patchinfo>