[ubuntu/bionic-updates] fig2dev 1:3.2.6a-6ubuntu1.1 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Mon Feb 13 14:58:10 UTC 2023


fig2dev (1:3.2.6a-6ubuntu1.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Denial of Service
    - debian/patches/CVE-2019-14275.patch: fixed a buffer overflow in
      calc_arrow function.
    - debian/patches/CVE-2019-19555[-test].patch: fixed a buffer overflow in
      read_textobject function and added tests to see if it's fixed.
    - debian/patches/CVE-2020-21534.patch: fixed an out-of-bounds write
      in read_colordef function (CVE-2019-19797), a segmentation fault
      in read_objects function (CVE-2020-21530), a buffer overflow in
      read_textobject function (CVE-2020-21533), a buffer overflow in
      get_line function (CVE-2020-21534), a segmentation fault in
      gencgm_start function (CVE-2020-21535), and a buffer overflow in
      genptk_text function (CVE-2020-21675).
    - debian/patches/CVE-2020-21529.patch: fixed a buffer overflow in
      bezier_spline function.
    - debian/patches/CVE-2020-21531.patch: fixed a buffer overflow in
      conv_pattern_index function.
    - debian/patches/CVE-2020-21532.patch: fixed a buffer overflow in
      setfigfont function.
    - debian/patches/CVE-2020-21676.patch: fixed a buffer overflow in
      genpstrx_text function.
    - debian/patches/CVE-2021-3561.patch: fixed a flawed bounds check in
      read_objects function.
    - debian/patches/CVE-2021-32280.patch: fixed a NULL pointer dereference
      in compute_closed_spline function.
    - CVE-2019-14275
    - CVE-2019-19555
    - CVE-2019-19797
    - CVE-2020-21530
    - CVE-2020-21533
    - CVE-2020-21534
    - CVE-2020-21535
    - CVE-2020-21675
    - CVE-2020-21529
    - CVE-2020-21531
    - CVE-2020-21532
    - CVE-2020-21676
    - CVE-2021-3561
    - CVE-2021-32280

Date: 2023-02-13 10:58:09.335605+00:00
Changed-By: Amir Naseredini <amir.naseredini at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/fig2dev/1:3.2.6a-6ubuntu1.1


More information about the Bionic-changes mailing list