SUSE-SU-2021:14823-1 -- SLES transfig | ID: oval:org.secpod.oval:def:89045708 | Date: (C)2021-10-25 (M)2024-02-02 |
Class: PATCH | Family: unix |
This update for transfig fixes the following issues:
- CVE-2021-3561: Fixed global buffer overflow in fig2dev/read.c in function read_colordef.
- CVE-2019-19797: Fixed out-of-bounds write in read_colordef in read.c.
- CVE-2019-19746: Fixed segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.
- CVE-2019-19555: Fixed stack-based buffer overflow because of an incorrect sscanf.
- CVE-2019-14275: Fixed stack-based buffer overflow in the calc_arrow function in bound.c.
- CVE-2020-21680: Fixed a stack-based buffer overflow in the put_arrow component in genpict2e.c.
- CVE-2020-21681: Fixed a global buffer overflow in the set_color component in genge.c.
- CVE-2020-21682: Fixed a global buffer overflow in the set_fill component in genge.c.
- CVE-2020-21683: Fixed a global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c.
- Do hardening via compile and linker flags
- Fixed last added upstream commit
Platform: |
SUSE Linux Enterprise Server 11 SP4 |