Branch sisyphus update bulletin.

Package texmf-latex-obsolete updated to version 0.1-alt3 for branch sisyphus in task 210622.

Обновить или удалить

Package xfig updated to version 3.2.7a-alt1 for branch sisyphus in task 210618.

Published: 2017-11-20
Modified: 2024-11-21

CVE-2017-16899

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the read_textobject functions in read.c and read1_3.c.

Severity: HIGH (7.1) Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

References:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881143
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881143

Version: 2.1.0

Branch sisyphus update on 2018-07-23

ALT-BU-2018-3364-1

ALT-PU-2018-2049-1

Closed bugs

Bug #35168

ALT-PU-2018-2050-1

Closed vulnerabilities

CVE-2017-16899