All errata/c8.1/ALT-PU-2018-2709-1
ALT-PU-2018-2709-1

Package update potrace in branch c8.1

Version1.15-alt2
Task#216885
Published2018-11-27
Max severityHIGH
Severity:

Closed issues (3)

CVE-2016-8685
MEDIUM5.5

The findnext function in decompose.c in potrace 1.13 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted BMP image.

Published: 2017-01-31Modified: 2025-04-20
CVSS 2.0MEDIUM 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS 3.xMEDIUM 5.5
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References
CVE-2016-8686
HIGH7.8

The bm_new function in bitmap.h in potrace 1.13 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.

Published: 2017-01-31Modified: 2025-04-20
CVSS 2.0MEDIUM 6.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS 3.xHIGH 7.8
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References