UbuntuUpdates.org

Package "libfreeimage-dev"

Name: libfreeimage-dev

Description:

Support library for graphics image formats (development files)

Latest version: 3.18.0+ds2-1ubuntu3.1
Release: focal (20.04)
Level: security
Repository: universe
Head package: freeimage
Homepage: http://freeimage.sourceforge.net/

Links


Download "libfreeimage-dev"


Other versions of "libfreeimage-dev" in Focal

Repository Area Version
base universe 3.18.0+ds2-1ubuntu3
updates universe 3.18.0+ds2-1ubuntu3.1

Changelog

Version: 3.18.0+ds2-1ubuntu3.1 2024-01-16 14:08:52 UTC

  freeimage (3.18.0+ds2-1ubuntu3.1) focal-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflow
    - debian/patches/CVE-2019-12211-13.patch: Fix heap buffer
      overflow caused by invalid memcpy in PluginTIFF and stack
      exhaustion caused by unwanted recursion in ReadThumbnail.
    - CVE-2019-12211
    - CVE-2019-12213
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2020-21427_*: fix buffer overflow in PluginBMP
    - CVE-2020-21427
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2020-21428_*: fix buffer overflow in PluginDDS
    - CVE-2020-21428
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2020-22524_*: fix buffer overflow in PluginPFM
    - CVE-2020-22524

 -- Fabian Toepfer <email address hidden> Wed, 10 Jan 2024 18:08:18 +0100

CVE-2019-12211 When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destinat
CVE-2019-12213 When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion.
CVE-2020-21427 Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and ca
CVE-2020-21428 Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other
CVE-2020-22524 Buffer Overflow vulnerability in FreeImage_Load function in FreeImage Library 3.19.0(r1828) allows attackers to cuase a denial of service via crafted



About   -   Send Feedback to @ubuntu_updates