Fedora 34: FEDORA-2022-e5b4014e1a Critical: OpenSSL Vulnerability Exploit

The library supports many operations that are useful on

* Document images

* Natural images

Fundamental image processing and image analysis operations

* Rasterop (aka bitblt)

* Affine transforms (scaling, translation, rotation, shear)

on images of arbitrary pixel depth

* Projective and bi-linear transforms

* Binary and gray scale morphology, rank order filters, and

convolution

* Seed-fill and connected components

* Image transformations with changes in pixel depth, both at

the same scale and with scale change

* Pixelwise masking, blending, enhancement, arithmetic ops,

etc.

Update to leptonica-1.80.0, see http://leptonica.org/source/version-notes.html

for details.

* Tue Feb 9 2021 Pavel Cahyna - 1.80.0-3

- Make gnuplot build dependency optional, used only by tests

* Tue Jan 26 2021 Fedora Release Engineering - 1.80.0-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

[ 1 ] Bug #1939138 - CVE-2020-36281 leptonica: heap-based buffer overflow in pixFewColorsOctcubeQuantMixed in colorquant1.c [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1939138

[ 2 ] Bug #1939139 - CVE-2020-36281 mingw-leptonica: leptonica: heap-based buffer overflow in pixFewColorsOctcubeQuantMixed in colorquant1.c [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1939139

[ 3 ] Bug #1939194 - CVE-2020-36277 leptonica: DoS via an incorrect left shift in pixConvert2To8 in pixconv.c [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1939194

[ 4 ] Bug #1939195 - CVE-2020-36277 mingw-leptonica: leptonica: DoS via an incorrect left shift in pixConvert2To8 in pixconv.c [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1939195

[ 5 ] Bug #1939196 - CVE-2020-36277 leptonica: DoS via an incorrect left shift in pixConvert2To8 in pixconv.c [epel-7]

https://bugzilla.redhat.com/show_bug.cgi?id=1939196

[ 6 ] Bug #1939201 - CVE-2020-36278 leptonica: heap-based buffer overflow in findNextBorderPixel in ccbord.c [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1939201

[ 7 ] Bug #1939202 - CVE-2020-36278 mingw-leptonica: leptonica: heap-based buffer overflow in findNextBorderPixel in ccbord.c [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1939202

[ 8 ] Bug #1939207 - CVE-2020-36279 leptonica: heap-based buffer overflow in rasteropGeneralLow [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1939207

[ 9 ] Bug #1939208 - CVE-2020-36279 mingw-leptonica: leptonica: heap-based buffer overflow in rasteropGeneralLow [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1939208

[ 10 ] Bug #1939211 - CVE-2020-36280 leptonica: heap-based buffer overflow in pixReadFromTiffStream [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1939211

[ 11 ] Bug #1939212 - CVE-2020-36280 mingw-leptonica: leptonica: heap-based buffer overflow in pixReadFromTiffStream [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1939212

su -c 'dnf upgrade --advisory FEDORA-2021-f5f2803fff' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure