Debian Htmldoc vulnerabilities

24 known vulnerabilities affecting debian/htmldoc.

Total CVEs: 24
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 3, MEDIUM 1, LOW 20

Vulnerabilities

Page 2 of 2
CVE-2021-34119 | LOW | CVSS 7.8 | fixed in htmldoc 1.9.12-1 (bookworm) | 2021
CVE-2021-34119 [HIGH]: htmldoc - A flaw was discovered in htmldoc 1.9.12 in the function parse_paragraph in ps-pdf.cxx; this flaw possibly allows code execution and a denial of service via a crafted file.
Scope: local
bookworm: resolved (fixed in 1.9.12-1); bullseye: open; forky: resolved (fixed in 1.9.12-1); sid: resolved (fixed in 1.9.12-1); trixie: resolved (fixed in 1.9.12-1)
debian
CVE-2021-26259 | LOW | CVSS 7.8 | fixed in htmldoc 1.9.11-4 (bookworm) | 2021
CVE-2021-26259 [HIGH]: htmldoc - A flaw was found in htmldoc in v1.9.12. Heap buffer overflow in render_table_row(), in ps-pdf.cxx, may lead to arbitrary code execution and denial of service.
Scope: local
bookworm: resolved (fixed in 1.9.11-4); bullseye: resolved (fixed in 1.9.11-4); forky: resolved (fixed in 1.9.11-4); sid: resolved (fixed in 1.9.11-4); trixie: resolved (fixed in 1.9.11-4)
debian
CVE-2019-19630 | LOW | CVSS 7.8 | fixed in htmldoc 1.9.7-1 (bookworm) | 2019
CVE-2019-19630 [HIGH]: htmldoc - HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hd_strlcpy() function in string.c (when called from render_contents in ps-pdf.cxx) via a crafted HTML document.
Scope: local
bookworm: resolved (fixed in 1.9.7-1); bullseye: resolved (fixed in 1.9.7-1); forky: resolved (fixed in 1.9.7-1); sid: resolved (fixed in 1.9.7-1); trixie: resolved (fixed in 1.9.7-1)
debian
CVE-2009-3050 | LOW | CVSS 10.0 | fixed in htmldoc 1.8.27-4.1 (bookworm) | 2009
CVE-2009-3050 [CRITICAL]: htmldoc - Buffer overflow in the set_page_size function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file with a long glyph name, but these vectors do not cross privilege bound
debian