UbuntuUpdates.org

Package "cairo-perf-utils"

Name: cairo-perf-utils

Description:

Cairo 2D vector graphics library performance utilities
Latest version: 1.16.0-5ubuntu2.1
Release: jammy (22.04)
Level: updates
Repository: universe
Head package: cairo
Homepage: https://cairographics.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "cairo-perf-utils"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "cairo-perf-utils" in Jammy

Repository Area Version
base universe 1.16.0-5ubuntu2
security universe 1.16.0-5ubuntu2.1
PPA: Intel Linux Graphics 1.12.4-0ubuntu0~quantal1

Changelog

Version: 1.16.0-5ubuntu2.1 2026-04-01 21:08:08 UTC

  cairo (1.16.0-5ubuntu2.1) jammy-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflow
    - debian/patches/CVE-2017-9814-1.patch: replace calls to malloc with
      _cairo_malloc.
    - debian/patches/CVE-2017-9814-2.patch: check cmap size before allocating
      memory in src/cairo-truetype-subset.c.
    - CVE-2017-9814
  * SECURITY UPDATE: assertion failure
    - debian/patches/CVE-2019-6461.patch: adds check for NaN angles in
      src/cairo-arc.c.
    - CVE-2019-6461
  * SECURITY UPDATE: infinite loop
    - debian/patches/CVE-2019-6462.patch: defines max_segments for use in a
      while loop conditional to prevent an infinite loop in src/cairo-arc.c.
    - CVE-2019-6462

 -- Ian Constantin <email address hidden> Mon, 30 Mar 2026 16:16:09 +0300
CVE-2017-9814 cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling
CVE-2019-6461 An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.
CVE-2019-6462 An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max


About   -   Send Feedback to @ubuntu_updates