Debian Raptor2 vulnerabilities

CVE-2024-57823 [CRITICAL] CVE-2024-57823: raptor2 - In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when ... In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path(). Scope: local bookworm: resolved (fixed in 2.0.15-4+deb12u1) bullseye: resolved (fixed in 2.0.14-1.2+deb11u1) forky: resolved (fixed in 2.0.16-6) sid: resolved (fixed in 2.0.16-6) trixie: resolved (fixed in 2.0.1

CVE-2024-57822 [MEDIUM] CVE-2024-57822: raptor2 - In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-r... In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal(). Scope: local bookworm: resolved (fixed in 2.0.15-4+deb12u1) bullseye: resolved (fixed in 2.0.14-1.2+deb11u1) forky: resolved (fixed in 2.0.16-6) sid: resolved (fixed in 2.0.16-6) trixie: resolved

CVE-2020-25713 [MEDIUM] CVE-2020-25713: raptor2 - A malformed input file can lead to a segfault due to an out of bounds array acce... A malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common. Scope: local bookworm: resolved (fixed in 2.0.14-1.2) bullseye: resolved (fixed in 2.0.14-1.2) forky: resolved (fixed in 2.0.14-1.2) sid: resolved (fixed in 2.0.14-1.2) trixie: resolved (fixed in 2.0.14-1.2)

CVE-2017-18926 [HIGH] CVE-2017-18926: raptor2 - raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Synt... raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml). Scope: local bookworm: resolved (fixed in 2.0.14-1.1) bullseye: resolved (fixed in 2.0.14-1.1) forky: resolved (fixed