Format: 1.8
Date: Mon, 13 Feb 2023 09:53:05 +0000
Source: fig2dev
Binary: fig2dev
Architecture: riscv64
Version: 1:3.2.7a-7ubuntu0.1
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@riscv64-qemu-lgw01-074.buildd>
Changed-By: Amir Naseredini <amir.naseredini@canonical.com>
Description:
 fig2dev    - Utilities for converting XFig figure files
Changes:
 fig2dev (1:3.2.7a-7ubuntu0.1) focal-security; urgency=medium
 .
   * SECURITY UPDATE: Denial of Service
     - debian/patches/CVE-2019-19555[-test].patch: fixed a buffer overflow in
       read_textobject function and added tests to see if it's fixed.
     - debian/patches/CVE-2020-21534.patch: fixed an out-of-bounds write
       in read_colordef function (CVE-2019-19797), a segmentation fault
       in read_objects function (CVE-2020-21530), a buffer overflow in
       read_textobject function (CVE-2020-21533), a buffer overflow in
       get_line function (CVE-2020-21534), a segmentation fault in
       gencgm_start function (CVE-2020-21535), and a buffer overflow in
       genptk_text function (CVE-2020-21675).
     - debian/patches/CVE-2020-21529[1-2].patch: fixed a buffer overflow in
       bezier_spline function.
     - debian/patches/CVE-2020-21531.patch: fixed a buffer overflow in
       conv_pattern_index function.
     - debian/patches/CVE-2020-21532.patch: fixed a buffer overflow in
       setfigfont function.
     - debian/patches/CVE-2020-21676.patch: fixed a buffer overflow in
       genpstrx_text function.
     - debian/patches/CVE-2021-3561.patch: fixed a flawed bounds check in
       read_objects function.
     - debian/patches/CVE-2021-32280.patch: fixed a NULL pointer dereference
       in compute_closed_spline function.
     - CVE-2019-19555
     - CVE-2019-19797
     - CVE-2020-21530
     - CVE-2020-21533
     - CVE-2020-21534
     - CVE-2020-21535
     - CVE-2020-21675
     - CVE-2020-21529
     - CVE-2020-21531
     - CVE-2020-21532
     - CVE-2020-21676
     - CVE-2021-3561
     - CVE-2021-32280
Checksums-Sha1:
 f2af8c480f6f55a377dd5e5ede78823acf190cc7 587336 fig2dev-dbgsym_3.2.7a-7ubuntu0.1_riscv64.ddeb
 e85d96b9bdb9df7abf38cd0761085cdc12cc40b0 9388 fig2dev_3.2.7a-7ubuntu0.1_riscv64.buildinfo
 9f6a7a111f84f96e6e16be7f90e0952dd53fc1cd 595488 fig2dev_3.2.7a-7ubuntu0.1_riscv64.deb
Checksums-Sha256:
 88b48ef6d8c5b611a74fda42dd266ab83dd49f898ae60c2ed3947d51c06a3a96 587336 fig2dev-dbgsym_3.2.7a-7ubuntu0.1_riscv64.ddeb
 5e9281d0dab5737af231f8734832fedea749c8f477a1f58622f626cfde9e430d 9388 fig2dev_3.2.7a-7ubuntu0.1_riscv64.buildinfo
 808a79d52374e4d43d0cc689f864655aba8bb74286bb9e63eaeecd820c0b86aa 595488 fig2dev_3.2.7a-7ubuntu0.1_riscv64.deb
Files:
 6c22d3c4e72a43e13f87c8ce97910e0e 587336 debug optional fig2dev-dbgsym_3.2.7a-7ubuntu0.1_riscv64.ddeb
 4125dad3a7643307ff442d978447965a 9388 graphics optional fig2dev_3.2.7a-7ubuntu0.1_riscv64.buildinfo
 c9932c79bbb502205c847f4c7beaca81 595488 graphics optional fig2dev_3.2.7a-7ubuntu0.1_riscv64.deb
Original-Maintainer: Roland Rosenfeld <roland@debian.org>