SUSE Package Hub - openSUSE-2022-141

Update Info

openSUSE-2022-141

Security update for autotrace

Type: security

Severity: important

Issued: 2022-05-18

Description:

This update for autotrace fixes the following issues:

- CVE-2019-19004: Fixed a biWidth*biBitCnt integer overflow fix (boo#1182158)
- CVE-2019-19005, CVE-2017-9182, CVE-2017-9190: Bitmap double free fix (boo#1182159)

References

CVE: CVE-2019-19005
CVE: CVE-2019-19004
CVE: CVE-2017-9190
CVE: CVE-2017-9182
Bugzilla: 1182159 VUL-1: CVE-2019-19005: autotrace: double free in main.c allows attackers to cause an unspecified impact via a malformed bitmap
Bugzilla: 1182158 VUL-1: CVE-2019-19004: autotrace: integer overflow in input-bmp.c

Packages

autotrace-0.31.1-bp153.2.3.1