Описание
Security update for cairo
This update for cairo fixes the following issues:
- CVE-2019-6461: Avoid assert when drawing arcs with NaN angles. (bsc#1122338)
- CVE-2025-50422: Fix NULL pointer access in
active_edges_to_traps()leading to crash in Poppler. (bsc#1247589)
Список пакетов
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
cairo-devel-1.15.2-25.11.1
libcairo-gobject2-1.15.2-25.11.1
libcairo-gobject2-32bit-1.15.2-25.11.1
libcairo-script-interpreter2-1.15.2-25.11.1
libcairo2-1.15.2-25.11.1
libcairo2-32bit-1.15.2-25.11.1
Ссылки
- Link for SUSE-SU-2025:03450-1
- E-Mail link for SUSE-SU-2025:03450-1
- SUSE Security Ratings
- SUSE Bug 1122338
- SUSE Bug 1247589
- SUSE CVE CVE-2019-6461 page
- SUSE CVE CVE-2025-50422 page
Описание
An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.
Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cairo-devel-1.15.2-25.11.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcairo-gobject2-1.15.2-25.11.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcairo-gobject2-32bit-1.15.2-25.11.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcairo-script-interpreter2-1.15.2-25.11.1
Ссылки
- CVE-2019-6461
- SUSE Bug 1122338
Описание
Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c.
Затронутые продукты
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cairo-devel-1.15.2-25.11.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcairo-gobject2-1.15.2-25.11.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcairo-gobject2-32bit-1.15.2-25.11.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libcairo-script-interpreter2-1.15.2-25.11.1
Ссылки
- CVE-2025-50422
- SUSE Bug 1247589