UbuntuUpdates.org

Package "libcaca"

Name: libcaca

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • development files for libcaca
  • colour ASCII art library
Latest version: 0.99.beta20-4ubuntu0.2
Release: noble (24.04)
Level: security
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "libcaca" in Noble

Repository Area Version
base universe 0.99.beta20-4build2
base main 0.99.beta20-4build2
security universe 0.99.beta20-4ubuntu0.2
updates main 0.99.beta20-4ubuntu0.2
updates universe 0.99.beta20-4ubuntu0.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.99.beta20-4ubuntu0.2 2026-05-27 14:07:35 UTC

  libcaca (0.99.beta20-4ubuntu0.2) noble-security; urgency=medium

  * SECURITY UPDATE: overflow in canvas import functionality
    - debian/patches/CVE-2026-42046.patch: Prevent undefined behaviour in
      overflow check in caca/canvas.c.
    - CVE-2026-42046

 -- Marc Deslauriers <email address hidden> Sat, 23 May 2026 19:10:25 -0400
Source diff to previous version
CVE-2026-42046 libcaca is a colour ASCII art library. In 0.99.beta20 and earlier, an integer overflow vulnerability in libcaca's canvas import functionality allows

Version: 0.99.beta20-4ubuntu0.1 2026-01-07 12:07:37 UTC

  libcaca (0.99.beta20-4ubuntu0.1) noble-security; urgency=medium

  * SECURITY UPDATE: divide by zero
    - debian/patches/CVE-2022-0856.patch: adds a check to handle images with
      either a width or height of zero in src/img2txt.c.
    - CVE-2022-0856

 -- Ian Constantin <email address hidden> Mon, 05 Jan 2026 12:51:47 +0200
CVE-2022-0856 libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to cause a Denial of Service


About   -   Send Feedback to @ubuntu_updates