SUSE-SU-2021:3124-1 -- SLES transfigID: oval:org.secpod.oval:def:89045627 | Date: (C)2021-09-20 (M)2024-02-02 |
Class: PATCH | Family: unix |
This update for transfig fixes the following issues: Update to version 3.2.8, including fixes for - CVE-2021-3561: overflow in fig2dev/read.c in function read_colordef . - CVE-2020-21683: Fixed buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c . - CVE-2020-21682: Fixed buffer overflow in the set_fill component in genge.c . - CVE-2020-21681: Fixed buffer overflow in the set_color component in genge.c . - CVE-2020-21680: Fixed stack-based buffer overflow in the put_arrow component in genpict2e.c . - CVE-2019-19797: out-of-bounds write in read_colordef in read.c . - CVE-2019-19555: stack-based buffer overflow because of an incorrect sscanf . - CVE-2019-19746: segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type .
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |
SUSE Linux Enterprise Server 12 SP5 |
SUSE Linux Enterprise Server 12 SP4 |