USN-5407-1

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/notices/USN-5407-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5407-1.json

JSON Data

https://api.osv.dev/v1/vulns/USN-5407-1

Related

Published

2022-05-10T14:15:51.181436Z

Modified

2022-05-10T14:15:51.181436Z

Summary

cairo vulnerabilities

Details

Gustavo Grieco, Alberto Garcia, Francisco Oca, Suleman Ali, and others discovered that Cairo incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2016-9082, CVE-2017-9814, CVE-2019-6462)

Stephan Bergmann discovered that Cairo incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2020-35492)

References

Affected packages

Ubuntu:Pro:16.04:LTS / cairo

Package

Name: cairo
Purl: pkg:deb/ubuntu/cairo?arch=src?distro=esm-infra/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.6-1ubuntu0.1~esm1

Affected versions

1.*

1.14.2-2ubuntu2

1.14.4-1

1.14.6-1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_version": "1.14.6-1ubuntu0.1~esm1",
            "binary_name": "cairo-perf-utils"
        },
        {
            "binary_version": "1.14.6-1ubuntu0.1~esm1",
            "binary_name": "cairo-perf-utils-dbgsym"
        },
        {
            "binary_version": "1.14.6-1ubuntu0.1~esm1",
            "binary_name": "libcairo-gobject2"
        },
        {
            "binary_version": "1.14.6-1ubuntu0.1~esm1",
            "binary_name": "libcairo-gobject2-dbgsym"
        },
        {
            "binary_version": "1.14.6-1ubuntu0.1~esm1",
            "binary_name": "libcairo-script-interpreter2"
        },
        {
            "binary_version": "1.14.6-1ubuntu0.1~esm1",
            "binary_name": "libcairo-script-interpreter2-dbgsym"
        },
        {
            "binary_version": "1.14.6-1ubuntu0.1~esm1",
            "binary_name": "libcairo2"
        },
        {
            "binary_version": "1.14.6-1ubuntu0.1~esm1",
            "binary_name": "libcairo2-dbg"
        },
        {
            "binary_version": "1.14.6-1ubuntu0.1~esm1",
            "binary_name": "libcairo2-dbgsym"
        },
        {
            "binary_version": "1.14.6-1ubuntu0.1~esm1",
            "binary_name": "libcairo2-dev"
        },
        {
            "binary_version": "1.14.6-1ubuntu0.1~esm1",
            "binary_name": "libcairo2-dev-dbgsym"
        },
        {
            "binary_version": "1.14.6-1ubuntu0.1~esm1",
            "binary_name": "libcairo2-doc"
        },
        {
            "binary_version": "1.14.6-1ubuntu0.1~esm1",
            "binary_name": "libcairo2-udeb"
        },
        {
            "binary_version": "1.14.6-1ubuntu0.1~esm1",
            "binary_name": "libcairo2-udeb-dbgsym"
        }
    ]
}