Описание
Security update for gnuplot
This update for gnuplot fixes the following issues:
- CVE-2025-31178: unvalidated user input leads to segmentation fault on GetAnnotateString (bsc#1240327).
- CVE-2025-31179: improper verification of time values leads to segmentation fault on xstrftime (bsc#1240328).
- CVE-2025-31181: double fclose() call leads to segmentation fault on X11_graphics (bsc#1240330).
- CVE-2025-3359: out-of-bounds read when parsing font names may lead to a segmentation fault (bsc#1241684).
Список пакетов
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
gnuplot-4.6.5-3.9.1
Ссылки
- Link for SUSE-SU-2025:01805-1
- E-Mail link for SUSE-SU-2025:01805-1
- SUSE Security Ratings
- SUSE Bug 1240327
- SUSE Bug 1240328
- SUSE Bug 1240330
- SUSE Bug 1241684
- SUSE CVE CVE-2025-31178 page
- SUSE CVE CVE-2025-31179 page
- SUSE CVE CVE-2025-31181 page
- SUSE CVE CVE-2025-3359 page
Описание
A flaw was found in gnuplot. The GetAnnotateString() function may lead to a segmentation fault and cause a system crash.
Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gnuplot-4.6.5-3.9.1
Ссылки
- CVE-2025-31178
- SUSE Bug 1240327
Описание
A flaw was found in gnuplot. The xstrftime() function may lead to a segmentation fault, causing a system crash.
Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gnuplot-4.6.5-3.9.1
Ссылки
- CVE-2025-31179
- SUSE Bug 1240328
Описание
A flaw was found in gnuplot. The X11_graphics() function may lead to a segmentation fault and cause a system crash.
Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gnuplot-4.6.5-3.9.1
Ссылки
- CVE-2025-31181
- SUSE Bug 1240330
Описание
A flaw was found in GNUPlot. A segmentation fault via IO_str_init_static_internal may jeopardize the environment.
Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gnuplot-4.6.5-3.9.1
Ссылки
- CVE-2025-3359
- SUSE Bug 1241684