Security update of potrace SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:2184-1 Final 1 1 2017-08-16T18:03:15Z current 2017-08-16T18:03:15Z 2017-08-16T18:03:15Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update of potrace This update for potrace fixes the following security issues: - CVE-2017-12067: potential buffer overflows and arithmetic overflows (bsc#1051634) The update also fixes various bugs, including a bug triggered by very large bitmaps. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-08/msg00077.html E-Mail link for openSUSE-SU-2017:2184-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 openSUSE Leap 42.3 libpotrace0-1.15-13.1 potrace-1.15-13.1 potrace-devel-1.15-13.1 libpotrace0-1.15-13.1 as a component of openSUSE Leap 42.2 potrace-1.15-13.1 as a component of openSUSE Leap 42.2 potrace-devel-1.15-13.1 as a component of openSUSE Leap 42.2 libpotrace0-1.15-13.1 as a component of openSUSE Leap 42.3 potrace-1.15-13.1 as a component of openSUSE Leap 42.3 potrace-devel-1.15-13.1 as a component of openSUSE Leap 42.3 Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c. CVE-2017-12067 openSUSE Leap 42.2:libpotrace0-1.15-13.1 openSUSE Leap 42.2:potrace-1.15-13.1 openSUSE Leap 42.2:potrace-devel-1.15-13.1 openSUSE Leap 42.3:libpotrace0-1.15-13.1 openSUSE Leap 42.3:potrace-1.15-13.1 openSUSE Leap 42.3:potrace-devel-1.15-13.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-08/msg00077.html https://www.suse.com/security/cve/CVE-2017-12067.html CVE-2017-12067 https://bugzilla.suse.com/1051634 SUSE Bug 1051634