Package "cimg-dev"
Name: |
cimg-dev
|
Description: |
powerful image processing library
|
Latest version: |
1.7.9+dfsg-2ubuntu0.18.04.2 |
Release: |
bionic (18.04) |
Level: |
security |
Repository: |
universe |
Head package: |
cimg |
Homepage: |
http://cimg.sourceforge.net/ |
Links
Download "cimg-dev"
Other versions of "cimg-dev" in Bionic
Changelog
cimg (1.7.9+dfsg-2ubuntu0.18.04.2) bionic-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds Read
- debian/patches/CVE-2018-7637-7638-7639-7640-7641.patch: Fix other issues
in 'CImg<T>::load_bmp()'.
- CVE-2018-7637
- CVE-2018-7638
- CVE-2018-7639
- CVE-2018-7640
- CVE-2018-7641
* SECURITY UPDATE: Command Injection
- debian/patches/CVE-2019-13568.patch: Fix buffer assigning.
- debian/patches/CVE-2019-1010174.patch: Add string sanitization.
- CVE-2019-13568
- CVE-2019-1010174
* SECURITY UPDATE: Buffer overflow
- debian/patches/0001-Fix-multiple-heap-buffer-overflows.patch: Fix
multiple heap buffer overflows.
-- Paulo Flabiano Smorigo <email address hidden> Thu, 07 Oct 2021 19:11:30 +0000
|
Source diff to previous version |
CVE-2018-7637 |
An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulne |
CVE-2018-7638 |
An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulne |
CVE-2018-7639 |
An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulne |
CVE-2018-7640 |
An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulne |
CVE-2018-7641 |
An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulne |
CVE-2019-13568 |
CImg through 2.6.7 has a heap-based buffer overflow in _load_bmp in CImg.h because of erroneous memory allocation for a malformed BMP image. |
CVE-2019-1010174 |
CImg The CImg Library v.2.3.3 and earlier is affected by: command injection. The impact is: RCE. The component is: load_network() function. The attac |
|
cimg (1.7.9+dfsg-2ubuntu0.18.04.1) bionic-security; urgency=medium
* SECURITY UPDATE: a double free in load_bmp in CImg.h can occur when
loading a crafted bmp image
- debian/patches/CVE-2018-7589_7588_7587.patch: add additional checks
for malformed input in load_bmp()
- CVE-2018-7589
- CVE-2018-7588
- CVE-2018-7587
-- Daniel Wang <email address hidden> Tue, 18 Jun 2019 12:21:31 -0700
|
CVE-2018-7589 |
An issue was discovered in CImg v.220. A double free in load_bmp in CImg.h occurs when loading a crafted bmp image. |
CVE-2018-7588 |
An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image. |
CVE-2018-7587 |
An issue was discovered in CImg v.220. DoS occurs when loading a crafted bmp image that triggers an allocation failure in load_bmp in CImg.h. |
|
About
-
Send Feedback to @ubuntu_updates