Fedora 31: xfig FEDORA-2020-5d0f0593ae

Date 24 Jan 2020

Category Fedora Linux Distribution - Security Advisories

601

Posted By LinuxSecurity Advisories

- Security fix for CVE-2019-19746, CVE-2019-19797 - New upstream release 3.2.7b - Add patch fixing CVE-2019-19746 (rhbz#1787040) - Add patch fixing CVE-2019-19797 (rhbz#1786726)

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-5d0f0593ae
2020-01-25 06:33:58.982369
--------------------------------------------------------------------------------

Name        : xfig
Product     : Fedora 31
Version     : 3.2.7b
Release     : 1.fc31
URL         : https://en.wikipedia.org/wiki/Xfig
Summary     : An X Window System tool for drawing basic vector graphics
Description :
Xfig is an X Window System tool for creating basic vector graphics,
including bezier curves, lines, rulers and more.  The resulting
graphics can be saved, printed on PostScript printers or converted to
a variety of other formats (e.g., X11 bitmaps, Encapsulated
PostScript, LaTeX).

You should install xfig if you need a simple program to create vector
graphics.

--------------------------------------------------------------------------------
Update Information:

- Security fix for CVE-2019-19746, CVE-2019-19797 - New upstream release 3.2.7b
- Add patch fixing CVE-2019-19746 (rhbz#1787040) - Add patch fixing
CVE-2019-19797 (rhbz#1786726)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 16 2020 Hans de Goede  - 3.2.7b-1
- New upstream release 3.2.7b
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1786726 - CVE-2019-19797 transfig: out-of-bounds write in read_colordef in read.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1786726
  [ 2 ] Bug #1787040 - CVE-2019-19746 transfig: integer overflow leads to out-of-bounds write in make_arrow in arrow.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1787040
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-5d0f0593ae' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.