USN-5864-1

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/notices/USN-5864-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5864-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-5864-1
Related
Published
2023-02-13T13:59:56.297322Z
Modified
2023-02-13T13:59:56.297322Z
Summary
fig2dev vulnerabilities
Details

Frederic Cambus discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-14275)

It was discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2019-19555, CVE-2019-19797, CVE-2020-21529, CVE-2020-21530, CVE-2020-21531, CVE-2020-21532, CVE-2020-21533, CVE-2020-21534, CVE-2020-21535, CVE-2020-21675, CVE-2020-21676, CVE-2021-3561)

It was discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2021-32280)

References

Affected packages

Ubuntu:18.04:LTS / fig2dev

Package

Name
fig2dev
Purl
pkg:deb/ubuntu/fig2dev?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:3.2.6a-6ubuntu1.1

Affected versions

1:3.*

1:3.2.6a-3
1:3.2.6a-4
1:3.2.6a-4ubuntu1
1:3.2.6a-6ubuntu1

Ecosystem specific 

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "1:3.2.6a-6ubuntu1.1",
            "binary_name": "fig2dev"
        },
        {
            "binary_version": "1:3.2.6a-6ubuntu1.1",
            "binary_name": "fig2dev-dbgsym"
        },
        {
            "binary_version": "1:3.2.6a-6ubuntu1.1",
            "binary_name": "transfig"
        }
    ]
}

Ubuntu:20.04:LTS / fig2dev

Package

Name
fig2dev
Purl
pkg:deb/ubuntu/fig2dev?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:3.2.7a-7ubuntu0.1

Affected versions

1:3.*

1:3.2.7a-7

Ecosystem specific 

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "1:3.2.7a-7ubuntu0.1",
            "binary_name": "fig2dev"
        },
        {
            "binary_version": "1:3.2.7a-7ubuntu0.1",
            "binary_name": "fig2dev-dbgsym"
        }
    ]
}