UbuntuUpdates.org

Package "fig2dev"




Name: fig2dev

Description: Utilities for converting XFig figure files

Latest version: *DELETED*
Release: focal (20.04)
Level: proposed
Repository: universe
Homepage: https://sourceforge.net/projects/mcj/

Other versions of "fig2dev" in Focal

Repository Area Version
base universe 1:3.2.7a-7
security universe 1:3.2.7a-7ubuntu0.1
updates universe 1:3.2.7a-7ubuntu0.1

Changelog

Version: *DELETED* 2020-04-24 17:06:57 UTC
No changelog for deleted or moved packages.

Version: 1:3.2.7b-3 2020-04-10 23:14:17 UTC

  fig2dev (1:3.2.7b-3) unstable; urgency=medium

  [ Debian Janitor ]
  * Add missing colon in closes line.
  * Set upstream metadata fields: Archive, Bug-Submit (from
    ./configure).

  [ Roland Rosenfeld ]
  * Update upstream metadata and add several fields.
  * 31_CVE-2019-19746: Reject huge arrow types causing integer overflow.
    This fixes CVE-2019-19746 (Closes: #946628).
  * 30_CVE-2019-19555: Add test to the patch.
  * 32_fgets2getline: Replace most calls to fgets() by getline() in
    read.c. This fixes CVE-2019-19797 (Closes: #946866).

 -- Roland Rosenfeld <email address hidden> Mon, 06 Jan 2020 22:13:27 +0100

CVE-2019-19746 make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow typ
CVE-2019-19555 read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf.
CVE-2019-19797 read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.


