Arch Linux

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#70520 - [libcaca] [security] multiple overflow vulnerabilities

Attached to Project: Arch Linux
Opened by mysta (mysta) - Tuesday, 20 April 2021, 18:05 GMT
Last edited by Antonio Rojas (arojas) - Sunday, 24 October 2021, 10:29 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Jan de Groot (JGC)
Jan Alexander Steffens (heftig)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No


Several security fixes have been posted to the libcaca issue tracker that include stack buffer overflows and heap buffer overflows. We may want to bring them into the Arch package as upstream is not super active.

Additional info:
This task depends upon

Closed by  Antonio Rojas (arojas)
Sunday, 24 October 2021, 10:29 GMT
Reason for closing:  Fixed
Comment by mysta (mysta) - Sunday, 23 May 2021, 16:59 GMT
Friendly ping.
Comment by Jan Alexander Steffens (heftig) - Sunday, 23 May 2021, 18:51 GMT
There's a PR to fix 53 and 54 ( but no fix for 55 and 56.
Comment by mysta (mysta) - Thursday, 21 October 2021, 21:53 GMT
This can be closed now.