Описание
ELSA-2022-1961: cairo and pixman security and bug fix update (MODERATE)
cairo [1.15.12-6]
- Fix CVE reference test (#1908113)
[1.15.12-5]
- Add reference test to CVE fix (#1908113)
[1.15.12-4]
- Fix CVE-2020-35492 (#1908113)
pixman [0.38.4-2]
- Backport the pixman part of cairo CVE-2020-35492
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
cairo
1.15.12-6.el8
cairo-devel
1.15.12-6.el8
cairo-gobject
1.15.12-6.el8
cairo-gobject-devel
1.15.12-6.el8
pixman
0.38.4-2.el8
pixman-devel
0.38.4-2.el8
Oracle Linux x86_64
cairo
1.15.12-6.el8
cairo-devel
1.15.12-6.el8
cairo-gobject
1.15.12-6.el8
cairo-gobject-devel
1.15.12-6.el8
pixman
0.38.4-2.el8
pixman-devel
0.38.4-2.el8
Связанные CVE
Связанные уязвимости
A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability.
A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability.
A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability.
A flaw was found in cairo's image-compositor.c in all versions prior t ...