Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2025:01890-1

Опубликовано: 11 июн. 2025
Источник: suse-cvrf

Описание

Security update for transfig

This update for transfig fixes the following issues:

Update to fig2dev version 3.2.9a

  • CVE-2025-46397: Fixed a stack buffer overflow in fig2dev in bezier_spline function (bsc#1243260).
  • CVE-2025-46398: Fixed a stack buffer overflow in fig2dev in read_objects function (bsc#1243262).
  • CVE-2025-46399: Fixed a segmentation fault in fig2dev in genge_itp_spline function (bsc#1243263).
  • CVE-2025-46400: Fixed a segmentation fault in fig2dev in read_arcobject function (bsc#1243261).

Список пакетов

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
transfig-3.2.8b-2.26.1

Ссылки

Описание

In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation at the bezier_spline function.

Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:transfig-3.2.8b-2.26.1
Ссылки

Описание

In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via read_objects function.

Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:transfig-3.2.8b-2.26.1
Ссылки

Описание

In xfig diagramming tool, a segmentation fault in fig2dev allows memory corruption via local input manipulation at genge_itp_spline function.

Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:transfig-3.2.8b-2.26.1
Ссылки

Описание

In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via read_arcobject function.

Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:transfig-3.2.8b-2.26.1
Ссылки