Security update for transfig

Announcement ID: SUSE-SU-2021:14823-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2019-14275 ( SUSE ): 4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
  • CVE-2019-14275 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2019-14275 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2019-19555 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2019-19555 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2019-19746 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2019-19746 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2019-19797 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  • CVE-2019-19797 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2020-21680 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-21680 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2020-21681 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-21681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2020-21682 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-21682 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2020-21683 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-21683 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • CVE-2021-3561 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:L
  • CVE-2021-3561 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
Affected Products:
  • SUSE Linux Enterprise Point of Service 11 SP3
  • SUSE Linux Enterprise Server 11 SP4
  • SUSE Linux Enterprise Server 11 SP4 LTSS 11-SP4

An update that solves nine vulnerabilities and has one security fix can now be installed.

Description:

This update for transfig fixes the following issues:

  • CVE-2021-3561: Fixed global buffer overflow in fig2dev/read.c in function read_colordef() (bsc#1186329).
  • CVE-2019-19797: Fixed out-of-bounds write in read_colordef in read.c (bsc#1159293).
  • CVE-2019-19746: Fixed segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type (bsc#1159130).
  • CVE-2019-19555: Fixed stack-based buffer overflow because of an incorrect sscanf (bsc#1161698).
  • CVE-2019-14275: Fixed stack-based buffer overflow in the calc_arrow function in bound.c (bsc#1143650).
  • CVE-2020-21680: Fixed a stack-based buffer overflow in the put_arrow() component in genpict2e.c (bsc#1189343).
  • CVE-2020-21681: Fixed a global buffer overflow in the set_color component in genge.c (bsc#1189345).
  • CVE-2020-21682: Fixed a global buffer overflow in the set_fill component in genge.c (bsc#1189346).

  • CVE-2020-21683: Fixed a global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c (bsc#1189325).

  • Do hardening via compile and linker flags

  • Fixed last added upstream commit (boo#1136882)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Point of Service 11 SP3
    zypper in -t patch sleposp3-transfig-14823=1
  • SUSE Linux Enterprise Server 11 SP4 LTSS 11-SP4
    zypper in -t patch slessp4-transfig-14823=1
  • SUSE Linux Enterprise Server 11 SP4
    zypper in -t patch slessp4-transfig-14823=1

Package List:

  • SUSE Linux Enterprise Point of Service 11 SP3 (i586)
    • transfig-3.2.8a-1.160.13.1
  • SUSE Linux Enterprise Server 11 SP4 LTSS 11-SP4 (ppc64 s390x x86_64 i586)
    • transfig-3.2.8a-1.160.13.1
  • SUSE Linux Enterprise Server 11 SP4 (ppc64 s390x x86_64 i586)
    • transfig-3.2.8a-1.160.13.1

References: