Package "cairo"
| Name: |
cairo
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description.
Description samples from packages in group:
- Cairo 2D vector graphics library (GObject library)
- Cairo 2D vector graphics library (script interpreter)
- Cairo 2D vector graphics library
- Development files for the Cairo 2D graphics library
|
| Latest version: |
1.16.0-5ubuntu2.1 |
| Release: |
jammy (22.04) |
| Level: |
security |
| Repository: |
main |
Links
Other versions of "cairo" in Jammy
Packages in group
Deleted packages are displayed in grey.
Changelog
|
cairo (1.16.0-5ubuntu2.1) jammy-security; urgency=medium
* SECURITY UPDATE: heap buffer overflow
- debian/patches/CVE-2017-9814-1.patch: replace calls to malloc with
_cairo_malloc.
- debian/patches/CVE-2017-9814-2.patch: check cmap size before allocating
memory in src/cairo-truetype-subset.c.
- CVE-2017-9814
* SECURITY UPDATE: assertion failure
- debian/patches/CVE-2019-6461.patch: adds check for NaN angles in
src/cairo-arc.c.
- CVE-2019-6461
* SECURITY UPDATE: infinite loop
- debian/patches/CVE-2019-6462.patch: defines max_segments for use in a
while loop conditional to prevent an infinite loop in src/cairo-arc.c.
- CVE-2019-6462
-- Ian Constantin <email address hidden> Mon, 30 Mar 2026 16:16:09 +0300
|
| CVE-2017-9814 |
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling |
| CVE-2019-6461 |
An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c. |
| CVE-2019-6462 |
An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max |
|
About
-
Send Feedback to @ubuntu_updates
