Описание
A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| fig2dev | fixed | 1:3.2.8b-1 | package | |
| fig2dev | fixed | 1:3.2.8-3+deb11u1 | bullseye | package |
| fig2dev | not-affected | buster | package | |
| fig2dev | not-affected | stretch | package | |
| transfig | removed | package |
Примечания
https://sourceforge.net/p/mcj/tickets/126/
https://sourceforge.net/p/mcj/fig2dev/ci/ff103511e49c44c83fc58e2092aa37e9019a3a9f/
Introduced by https://sourceforge.net/p/mcj/fig2dev/ci/bc3beba96605f9db5a063061ea28077937959ae2/ (3.2.8)
Связанные уязвимости
A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c.
A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c.
A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c.
A denial of service vulnerabiity exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c.
Уязвимость функции open_stream утилиты для преобразования файлов с расширением fig fig2dev , связанная с записью за границами буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании