| Release | Version |
|---|---|
| jessie | 1:3.2.5.c-3 |
| stretch | 1:3.2.6a-1 |
| buster | 1:3.2.7a-3+deb10u1 |
| bullseye | 1:3.2.8-3+deb11u1 |
| bookworm | 1:3.2.8b-2 |
| trixie | 1:3.2.9-4 |
| sid | 1:3.2.9-4 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-40241 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | xfig 3.2.7 is vulnerable to Buffer Overflow. |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-45920 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | fixed | fixed | Xfig v3.2.8 was discovered to contain a NULL pointer dereference when ... |
| CVE-2009-4228 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlie ... |
| Bug | Description |
|---|---|
| CVE-2010-4262 | Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote atta ... |
| CVE-2009-4227 | Stack-based buffer overflow in the read_1_3_textobject function in f_r ... |
| CVE-2009-1962 | Xfig, possibly 3.2.5, allows local users to read and write arbitrary f ... |
| DSA / DLA | Description |
|---|---|
| DLA-3353-1 | xfig - security update |