FS#57642 : [leptonica] Multiple unaddressed CVEs

FS#57642 - [leptonica] Multiple unaddressed CVEs

Attached to Project: Community Packages
Opened by Karol Babioch (kbabioch) - Monday, 26 February 2018, 08:47 GMT
Last edited by Jelle van der Waa (jelly) - Sunday, 22 July 2018, 13:39 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	Jelle van der Waa (jelly) Levente Polyak (anthraxx)
Architecture	All
Severity	Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Should be added to the tracker:

- CVE-2018-7442 (currently unfixed)
- CVE-2018-7441 (currently unfixed)
- CVE-2018-7440 (unfixed in released version, "fix" available: https://github.com/DanBloomberg/leptonica/pull/313)
- CVE-2018-7247 fixed in 1.75.3
- CVE-2018-7186 fixed in 1.75.3
- CVE-2018-3836 "fixed" in 1.75.3
- CVE-2017-18196: probably fixed in 1.74?

This task depends upon

Closed by Jelle van der Waa (jelly)
Sunday, 22 July 2018, 13:39 GMT
Reason for closing: Fixed
Additional comments about closing: All resolved in 1.76

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#57642 - [leptonica] Multiple unaddressed CVEs

Details

Loading...