Linux Security
Linux Security
Linux Security

Fedora 33: leptonica 2021-f5f2803fff

Date 19 Apr 2021
87
Posted By LinuxSecurity Advisories
Update to leptonica-1.80.0, see https://leptonica.org/source/version-notes.html for details.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-f5f2803fff
2021-04-19 17:43:39.804525
--------------------------------------------------------------------------------

Name        : leptonica
Product     : Fedora 33
Version     : 1.80.0
Release     : 3.fc33
URL         : https://github.com/danbloomberg/leptonica
Summary     : C library for efficient image processing and image analysis operations
Description :
The library supports many operations that are useful on
 * Document images
 * Natural images

Fundamental image processing and image analysis operations
 * Rasterop (aka bitblt)
 * Affine transforms (scaling, translation, rotation, shear)
   on images of arbitrary pixel depth
 * Projective and bi-linear transforms
 * Binary and gray scale morphology, rank order filters, and
   convolution
 * Seed-fill and connected components
 * Image transformations with changes in pixel depth, both at
   the same scale and with scale change
 * Pixelwise masking, blending, enhancement, arithmetic ops,
   etc.

--------------------------------------------------------------------------------
Update Information:

Update to leptonica-1.80.0, see https://leptonica.org/source/version-notes.html
for details.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb  9 2021 Pavel Cahyna  - 1.80.0-3
- Make gnuplot build dependency optional, used only by tests
* Tue Jan 26 2021 Fedora Release Engineering  - 1.80.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1939138 - CVE-2020-36281 leptonica: heap-based buffer overflow in pixFewColorsOctcubeQuantMixed in colorquant1.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1939138
  [ 2 ] Bug #1939139 - CVE-2020-36281 mingw-leptonica: leptonica: heap-based buffer overflow in pixFewColorsOctcubeQuantMixed in colorquant1.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1939139
  [ 3 ] Bug #1939194 - CVE-2020-36277 leptonica: DoS via an incorrect left shift in pixConvert2To8 in pixconv.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1939194
  [ 4 ] Bug #1939195 - CVE-2020-36277 mingw-leptonica: leptonica: DoS via an incorrect left shift in pixConvert2To8 in pixconv.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1939195
  [ 5 ] Bug #1939196 - CVE-2020-36277 leptonica: DoS via an incorrect left shift in pixConvert2To8 in pixconv.c [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1939196
  [ 6 ] Bug #1939201 - CVE-2020-36278 leptonica: heap-based buffer overflow in findNextBorderPixel in ccbord.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1939201
  [ 7 ] Bug #1939202 - CVE-2020-36278 mingw-leptonica: leptonica: heap-based buffer overflow in findNextBorderPixel in ccbord.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1939202
  [ 8 ] Bug #1939207 - CVE-2020-36279 leptonica: heap-based buffer overflow in rasteropGeneralLow [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1939207
  [ 9 ] Bug #1939208 - CVE-2020-36279 mingw-leptonica: leptonica: heap-based buffer overflow in rasteropGeneralLow [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1939208
  [ 10 ] Bug #1939211 - CVE-2020-36280 leptonica: heap-based buffer overflow in pixReadFromTiffStream [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1939211
  [ 11 ] Bug #1939212 - CVE-2020-36280 mingw-leptonica: leptonica: heap-based buffer overflow in pixReadFromTiffStream [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1939212
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-f5f2803fff' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Advisories

LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
/main-polls/52-how-frequently-do-you-patch-update-your-system?task=poll.vote&format=json
52
radio
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"66","type":"x","order":"1","pct":75.86,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"14","type":"x","order":"2","pct":16.09,"resources":[]},{"id":"181","title":"Hardly ever","votes":"7","type":"x","order":"3","pct":8.05,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.

VOTE ON THE POLL PAGE


VIEW MORE POLLS

bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.