autotrace-0.31.1-53.el8
エラータID: AXSA:2022-3947:01
Release date:
Friday, October 28, 2022 - 02:12
Subject:
autotrace-0.31.1-53.el8
Affected Channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
AutoTrace is a program for converting bitmaps to vector graphics.
Security Fix(es):
autotrace: bitmap double free in main.c allows attackers to cause an
unspecified impact (CVE-2019-19005)
autotrace: integer overflow in input-bmp.c (CVE-2019-19004)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
CVE(s):
CVE-2019-19004
CVE-2019-19005
Solution:
Update packages.
CVEs:
CVE-2019-19004
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.
CVE-2019-19005
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182.
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182.
Additional Info:
N/A
Download:
SRPMS
- autotrace-0.31.1-53.el8.src.rpm
MD5: b48058e0a31f10c1f7b3d1d578f30d1d
SHA-256: 998fad2acb789c7633f2aeac122ef97d616336ca2ab6578a823019e49c9b1963
Size: 375.96 kB
Asianux Server 8 for x86_64
- autotrace-0.31.1-53.el8.x86_64.rpm
MD5: d2419ce631011c546b6ed79be653db2c
SHA-256: a078cec6b546afb775985f3d4c4bde5415ddf074c677e2e0178f50369db4ce3d
Size: 147.04 kB - autotrace-0.31.1-53.el8.i686.rpm
MD5: 4099ee4c26c584d517b28a5413201831
SHA-256: e86f5c4e95837c98057d701eb2f5d1903c43d9a062340120952cfd89ba2a5bcd
Size: 152.73 kB
日本語