UbuntuUpdates.org

Package "freeimage"

Name: freeimage

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Support library for graphics image formats (development files)
  • Support library for graphics image formats (library)
  • C++ wrappers for FreeImage (development files)
  • C++ wrappers for FreeImage (documentation)
Latest version: 3.18.0+ds2-1ubuntu3.1
Release: focal (20.04)
Level: security
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "freeimage" in Focal

Repository Area Version
base universe 3.18.0+ds2-1ubuntu3
updates universe 3.18.0+ds2-1ubuntu3.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.18.0+ds2-1ubuntu3.1 2024-01-16 14:08:52 UTC

  freeimage (3.18.0+ds2-1ubuntu3.1) focal-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflow
    - debian/patches/CVE-2019-12211-13.patch: Fix heap buffer
      overflow caused by invalid memcpy in PluginTIFF and stack
      exhaustion caused by unwanted recursion in ReadThumbnail.
    - CVE-2019-12211
    - CVE-2019-12213
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2020-21427_*: fix buffer overflow in PluginBMP
    - CVE-2020-21427
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2020-21428_*: fix buffer overflow in PluginDDS
    - CVE-2020-21428
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2020-22524_*: fix buffer overflow in PluginPFM
    - CVE-2020-22524

 -- Fabian Toepfer <email address hidden> Wed, 10 Jan 2024 18:08:18 +0100
CVE-2019-12211 When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destinat
CVE-2019-12213 When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion.
CVE-2020-21427 Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and ca
CVE-2020-21428 Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other
CVE-2020-22524 Buffer Overflow vulnerability in FreeImage_Load function in FreeImage Library 3.19.0(r1828) allows attackers to cuase a denial of service via crafted


About   -   Send Feedback to @ubuntu_updates