SUSE-SU-2025:1540-1

Опубликовано: 13 мая 2025

Источник: suse-cvrf

Описание

Security update for transfig

This update for transfig fixes the following issues:

CVE-2025-31164: Fixed heap-buffer overflow in fig2dev create_line_with_spline() function (bsc#1240379)
CVE-2025-31162: Fixed floating point exception in fig2dev get_slope() function (bsc#1240380)
CVE-2025-31163: Fixed segmentation fault in fig2dev put_patternarc() function (bsc#1240381)

transfig-3.2.8b-2.23.1

Floating point exception in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via get_slope function.

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:transfig-3.2.8b-2.23.1

Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via put_patternarc function.

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:transfig-3.2.8b-2.23.1

heap-buffer overflow in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via create_line_with_spline.

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:transfig-3.2.8b-2.23.1