CVE-2020-21676

Name	CVE-2020-21676
Description	A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-2778-1, DLA-3304-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
fig2dev (PTS)	stretch (security), stretch (lts), stretch	1:3.2.6a-2+deb9u4	fixed
	buster (security), buster, buster (lts)	1:3.2.7a-5+deb10u5	fixed
	bullseye	1:3.2.8-3+deb11u1	fixed
	bookworm	1:3.2.8b-3	fixed
	sid, trixie	1:3.2.9-4	fixed
transfig (PTS)	jessie, jessie (lts)	1:3.2.6a-2~deb8u1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin
fig2dev	source	stretch	1:3.2.6a-2+deb9u4	DLA-2778-1
fig2dev	source	buster	1:3.2.7a-5+deb10u5	DLA-3304-1
fig2dev	source	(unstable)	1:3.2.8-1
transfig	source	jessie	(not affected)
transfig	source	(unstable)	(unfixed)

Notes

[stretch] - fig2dev <not-affected> (Vulnerable code introduced later)
https://sourceforge.net/p/mcj/tickets/76/
https://sourceforge.net/p/mcj/fig2dev/ci/acccc89c20206a5db1f463438ba444e35bcb400e/ (3.2.8)
Introduced by https://sourceforge.net/p/mcj/fig2dev/ci/102f607eea49785d4a9c9c24af85f046c23674de (3.2.7)
[jessie] - transfig <not-affected> (Vulnerable code introduced later)