
Debian Fig2Dev vulnerabilities

32 known vulnerabilities affecting debian/fig2dev.

Total CVEs: 32
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 3, MEDIUM 19, LOW 10

Vulnerabilities

Page 2 of 2
CVE-2020-21684 | LOW | CVSS 5.5 | fixed in fig2dev 1:3.2.8-1 (bookworm) | 2020
[MEDIUM] fig2dev - A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.
Scope: local
bookworm: resolved (fixed in 1:3.2.8-1); bullseye: resolved (fixed in 1:3.2.8-1); forky: resolved (fixed in 1:3.2.8-1); sid: resolved (fixed in 1:3.2.8-1); trixie: resolved (fixed in 1

CVE-2020-21681 | LOW | CVSS 5.5 | fixed in fig2dev 1:3.2.8-1 (bookworm) | 2020
[MEDIUM] fig2dev - A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.
Scope: local
bookworm: resolved (fixed in 1:3.2.8-1); bullseye: resolved (fixed in 1:3.2.8-1); forky: resolved (fixed in 1:3.2.8-1); sid: resolved (fixed in 1:3.2.8-1); trixie: resolved (fixed i

CVE-2020-21680 | LOW | CVSS 5.5 | fixed in fig2dev 1:3.2.8-1 (bookworm) | 2020
[MEDIUM] fig2dev - A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.
Scope: local
bookworm: resolved (fixed in 1:3.2.8-1); bullseye: resolved (fixed in 1:3.2.8-1); forky: resolved (fixed in 1:3.2.8-1); sid: resolved (fixed in 1:3.2.8-1); trixie: re

CVE-2020-21683 | LOW | CVSS 5.5 | fixed in fig2dev 1:3.2.8-1 (bookworm) | 2020
[MEDIUM] fig2dev - A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.
Scope: local
bookworm: resolved (fixed in 1:3.2.8-1); bullseye: resolved (fixed in 1:3.2.8-1); forky: resolved (fixed in 1:3.2.8-1); sid: resolved (fixed in 1:3.2

CVE-2020-21682 | LOW | CVSS 5.5 | fixed in fig2dev 1:3.2.8-1 (bookworm) | 2020
[MEDIUM] fig2dev - A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.
Scope: local
bookworm: resolved (fixed in 1:3.2.8-1); bullseye: resolved (fixed in 1:3.2.8-1); forky: resolved (fixed in 1:3.2.8-1); sid: resolved (fixed in 1:3.2.8-1); trixie: resolved (fixed in

CVE-2020-21678 | LOW | CVSS 5.5 | fixed in fig2dev 1:3.2.8-1 (bookworm) | 2020
[MEDIUM] fig2dev - A global buffer overflow in the genmp_writefontmacro_latex component in genmp.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into mp format.
Scope: local
bookworm: resolved (fixed in 1:3.2.8-1); bullseye: resolved (fixed in 1:3.2.8-1); forky: resolved (fixed in 1:3.2.8-1); sid: resolved (fixed in 1:3.2.8-1); trixie:

CVE-2019-19797 | MEDIUM | CVSS 5.5 | fixed in fig2dev 1:3.2.7b-3 (bookworm) | 2019
[MEDIUM] fig2dev - read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.
Scope: local
bookworm: resolved (fixed in 1:3.2.7b-3); bullseye: resolved (fixed in 1:3.2.7b-3); forky: resolved (fixed in 1:3.2.7b-3); sid: resolved (fixed in 1:3.2.7b-3); trixie: resolved (fixed in 1:3.2.7b-3)

CVE-2019-19555 | LOW | CVSS 5.5 | fixed in fig2dev 1:3.2.7b-2 (bookworm) | 2019
[MEDIUM] fig2dev - read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf.
Scope: local
bookworm: resolved (fixed in 1:3.2.7b-2); bullseye: resolved (fixed in 1:3.2.7b-2); forky: resolved (fixed in 1:3.2.7b-2); sid: resolved (fixed in 1:3.2.7b-2); trixie: resolved (fixed in 1:3.2.7b-2)

CVE-2019-19746 | LOW | CVSS 5.5 | fixed in fig2dev 1:3.2.7b-3 (bookworm) | 2019
[MEDIUM] fig2dev - make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.
Scope: local
bookworm: resolved (fixed in 1:3.2.7b-3); bullseye: resolved (fixed in 1:3.2.7b-3); forky: resolved (fixed in 1:3.2.7b-3); sid: resolved (fixed in 1:3.2.7b-3); trixie: resolved (fixed in 1:3.2.7b-3)

CVE-2019-14275 | LOW | CVSS 5.5 | fixed in fig2dev 1:3.2.7a-7 (bookworm) | 2019
[MEDIUM] fig2dev - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.
Scope: local
bookworm: resolved (fixed in 1:3.2.7a-7); bullseye: resolved (fixed in 1:3.2.7a-7); forky: resolved (fixed in 1:3.2.7a-7); sid: resolved (fixed in 1:3.2.7a-7); trixie: resolved (fixed in 1:3.2.7a-7)

CVE-2018-16140 | LOW | CVSS 7.8 | fixed in fig2dev 1:3.2.7a-3 (bookworm) | 2018
[HIGH] fig2dev - A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.
Scope: local
bookworm: resolved (fixed in 1:3.2.7a-3); bullseye: resolved (fixed in 1:3.2.7a-3); forky: resolved (fixed in 1:3.2.7a-3); sid: resolved (fixed in 1:3.2.7a-3); trixie: resolved (fixed in 1:3.2.7

CVE-2017-16899 | HIGH | CVSS 7.1 | fixed in fig2dev 1:3.2.6a-5 (bookworm) | 2017
[HIGH] fig2dev - An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the read_textobject functions in read.c and read1_3.c.
Scope: local
bookworm: resolved (fixed in 1:3.2.6a-5); bullseye: resol