Format: 1.8
Date: Mon, 13 Feb 2023 09:53:05 +0000
Source: fig2dev
Binary: fig2dev
Architecture: s390x
Version: 1:3.2.7a-7ubuntu0.1
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-s390x-001.buildd>
Changed-By: Amir Naseredini <amir.naseredini@canonical.com>
Description:
 fig2dev    - Utilities for converting XFig figure files
Changes:
 fig2dev (1:3.2.7a-7ubuntu0.1) focal-security; urgency=medium
 .
   * SECURITY UPDATE: Denial of Service
     - debian/patches/CVE-2019-19555[-test].patch: fixed a buffer overflow in
       read_textobject function and added tests to see if it's fixed.
     - debian/patches/CVE-2020-21534.patch: fixed an out-of-bounds write
       in read_colordef function (CVE-2019-19797), a segmentation fault
       in read_objects function (CVE-2020-21530), a buffer overflow in
       read_textobject function (CVE-2020-21533), a buffer overflow in
       get_line function (CVE-2020-21534), a segmentation fault in
       gencgm_start function (CVE-2020-21535), and a buffer overflow in
       genptk_text function (CVE-2020-21675).
     - debian/patches/CVE-2020-21529[1-2].patch: fixed a buffer overflow in
       bezier_spline function.
     - debian/patches/CVE-2020-21531.patch: fixed a buffer overflow in
       conv_pattern_index function.
     - debian/patches/CVE-2020-21532.patch: fixed a buffer overflow in
       setfigfont function.
     - debian/patches/CVE-2020-21676.patch: fixed a buffer overflow in
       genpstrx_text function.
     - debian/patches/CVE-2021-3561.patch: fixed a flawed bounds check in
       read_objects function.
     - debian/patches/CVE-2021-32280.patch: fixed a NULL pointer dereference
       in compute_closed_spline function.
     - CVE-2019-19555
     - CVE-2019-19797
     - CVE-2020-21530
     - CVE-2020-21533
     - CVE-2020-21534
     - CVE-2020-21535
     - CVE-2020-21675
     - CVE-2020-21529
     - CVE-2020-21531
     - CVE-2020-21532
     - CVE-2020-21676
     - CVE-2021-3561
     - CVE-2021-32280
Checksums-Sha1:
 dcdebc460c657c900591bb067feb5d904d2c3df6 623416 fig2dev-dbgsym_3.2.7a-7ubuntu0.1_s390x.ddeb
 ca641489285963c7f8a1197e289b3e3614136077 9523 fig2dev_3.2.7a-7ubuntu0.1_s390x.buildinfo
 889548af6b8213d763bbf1e819a18b79c63c5117 587892 fig2dev_3.2.7a-7ubuntu0.1_s390x.deb
Checksums-Sha256:
 f7188d08a6703f65c68bc3d674a34da9bbf9920b22dce1acb1d8b27b111aaba8 623416 fig2dev-dbgsym_3.2.7a-7ubuntu0.1_s390x.ddeb
 98a2665dd388e1a10da549ccf00bebaedb2653a88ec2928910ca13d5714812df 9523 fig2dev_3.2.7a-7ubuntu0.1_s390x.buildinfo
 da0d5b3cf23ce271b2ff7545b43f92b899d4d82ab67fb561e32470b74d6efbfb 587892 fig2dev_3.2.7a-7ubuntu0.1_s390x.deb
Files:
 5d3cb6d967f927a2a0b62e4b762da935 623416 debug optional fig2dev-dbgsym_3.2.7a-7ubuntu0.1_s390x.ddeb
 92129bdb15b2c6ea7553ecf7ca3491af 9523 graphics optional fig2dev_3.2.7a-7ubuntu0.1_s390x.buildinfo
 e564e5e3cd0c8b07254ff984db9b38c2 587892 graphics optional fig2dev_3.2.7a-7ubuntu0.1_s390x.deb
Original-Maintainer: Roland Rosenfeld <roland@debian.org>