SUSE-SU-2025:01835-1

CVE-2025-31162: Fixed a floating point exception in fig2dev in get_slope function (bsc#1240380).
CVE-2025-31163: Fixed a segmentation fault in fig2dev in put_patternarc function (bsc#1240381).
CVE-2025-31164: Fixed a heap buffer overflow in fig2dev in createlinewith_spline function (bsc#1240379).
CVE-2025-46397: Fixed a stack buffer overflow in fig2dev in bezier_spline function (bsc#1243260).
CVE-2025-46398: Fixed a stack buffer overflow in fig2dev in read_objects function (bsc#1243262).
CVE-2025-46399: Fixed a segmentation fault in fig2dev in gengeitpspline function (bsc#1243263).
CVE-2025-46400: Fixed a segmentation fault in fig2dev in read_arcobject function (bsc#1243261).

References

Affected packages

Name: transfig
Purl: pkg:rpm/suse/transfig&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.2.9a-150600.3.5.1

{
    "binaries": [
        {
            "transfig": "3.2.9a-150600.3.5.1"
        }
    ]
}

Name: transfig
Purl: pkg:rpm/suse/transfig&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP6

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.2.9a-150600.3.5.1

{
    "binaries": [
        {
            "transfig": "3.2.9a-150600.3.5.1"
        }
    ]
}

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.2.9a-150600.3.5.1

{
    "binaries": [
        {
            "transfig": "3.2.9a-150600.3.5.1"
        }
    ]
}