Information on source package fig2dev

Available versions

ReleaseVersion
stretch1:3.2.6a-2+deb9u3
stretch (security)1:3.2.6a-2+deb9u4
buster1:3.2.7a-5+deb10u4
bullseye1:3.2.8-3
bookworm1:3.2.8b-1
sid1:3.2.8b-1

Open issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2021-32280fixedvulnerable (no DSA)fixedfixedfixedAn issue was discovered in fig2dev before 3.2.8.. A NULL pointer deref ...
CVE-2020-21676fixedvulnerable (no DSA)fixedfixedfixedA stack-based buffer overflow in the genpstrx_text() component in genp ...
CVE-2020-21532fixedvulnerable (no DSA)fixedfixedfixedfig2dev 3.2.7b contains a global buffer overflow in the setfigfont fun ...
CVE-2020-21531fixedvulnerable (no DSA)fixedfixedfixedfig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_i ...
CVE-2020-21529fixedvulnerable (no DSA)fixedfixedfixedfig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline f ...

Open unimportant issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2020-21684vulnerablevulnerablefixedfixedfixedA global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2 ...
CVE-2020-21683vulnerablevulnerablefixedfixedfixedA global buffer overflow in the shade_or_tint_name_after_declare_color ...
CVE-2020-21682vulnerablevulnerablefixedfixedfixedA global buffer overflow in the set_fill component in genge.c of fig2d ...
CVE-2020-21681vulnerablevulnerablefixedfixedfixedA global buffer overflow in the set_color component in genge.c of fig2 ...
CVE-2020-21680vulnerablevulnerablefixedfixedfixedA stack-based buffer overflow in the put_arrow() component in genpict2 ...
CVE-2020-21678vulnerablevulnerablefixedfixedfixedA global buffer overflow in the genmp_writefontmacro_latex component i ...
CVE-2019-19746vulnerablefixedfixedfixedfixedmake_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fau ...
CVE-2018-16140vulnerablefixedfixedfixedfixedA buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3. ...

Resolved issues

BugDescription
CVE-2021-3561An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bound ...
CVE-2020-21675A stack-based buffer overflow in the genptk_text component in genptk.c ...
CVE-2020-21535fig2dev 3.2.7b contains a segmentation fault in the gencgm_start funct ...
CVE-2020-21534fig2dev 3.2.7b contains a global buffer overflow in the get_line funct ...
CVE-2020-21533fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject ...
CVE-2020-21530fig2dev 3.2.7b contains a segmentation fault in the read_objects funct ...
CVE-2019-19797read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds wr ...
CVE-2019-19555read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buf ...
CVE-2019-14275Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arro ...
CVE-2017-16899An array index error in the fig2dev program in Xfig 3.2.6a allows remo ...

Security announcements

DSA / DLADescription
DLA-2778-1fig2dev - security update

Search for package or bug name: Reporting problems