UbuntuUpdates.org

Package "xcftools"

Name: xcftools

Description:

command-line tools for extracting data for XCF files

Latest version: 1.0.7-6ubuntu0.20.04.1
Release: focal (20.04)
Level: updates
Repository: universe
Homepage: https://github.com/j-jorge/xcftools/

Links


Download "xcftools"


Other versions of "xcftools" in Focal

Repository Area Version
base universe 1.0.7-6build1
security universe 1.0.7-6ubuntu0.20.04.1

Changelog

Version: 1.0.7-6ubuntu0.20.04.1 2023-03-29 22:06:52 UTC

  xcftools (1.0.7-6ubuntu0.20.04.1) focal-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds Write
    - debian/patches/CVE-2019-5086-and-CVE-2019-5087.patch: Add code to prevent
      integer overflow.
    - CVE-2019-5086
    - CVE-2019-5087

 -- Paulo Flabiano Smorigo <email address hidden> Mon, 27 Mar 2023 12:14:59 -0300

CVE-2019-5086 An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.
CVE-2019-5087 An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An i



About   -   Send Feedback to @ubuntu_updates