Debian Gtkwave vulnerabilities

CVE-2023-34436 [HIGH] CVE-2023-34436: gtkwave - An out-of-bounds write vulnerability exists in the LXT2 num_time_table_entries f... An out-of-bounds write vulnerability exists in the LXT2 num_time_table_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. Scope: local bookworm: resolved (fixed in 3.3.118-0.1~deb12u1) bullseye: resolved (fixed in 3.3.104+really3.3.

CVE-2023-39443 [HIGH] CVE-2023-39443: gtkwave - Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functiona... Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the prefix copy loop. Scope: local bookworm: resolve