graphviz 2.26.3-16.1 source package in Debian
Changelog
graphviz (2.26.3-16.1) unstable; urgency=medium
* Non-maintainer upload.
* Add CVE-2014-1235.patch patch.
CVE-2014-1235: buffer overflow vulnerability in yyerror() introduced by
original fix for CVE-2014-0978. (Closes: #734745)
* Add CVE-2014-1236.patch patch.
CVE-2014-1236: buffer overflow from user input (the regexp in chkNum
would accept arbitrary long digit list) (Closes: #734745)
* Enable hardened build flags.
Thanks to Moritz Muehlenhoff <email address hidden> (Closes: #734804)
* Add fix-missing-format-string.patch patch.
Fixes missing format strings for printf and fprintf calls.
-- Salvatore Bonaccorso <email address hidden> Sun, 12 Jan 2014 14:37:45 +0100
Upload details
- Uploaded by:
- David Claughton
- Uploaded to:
- Sid
- Original maintainer:
- David Claughton
- Architectures:
- any all
- Section:
- graphics
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| graphviz_2.26.3-16.1.dsc | 3.2 KiB | a6d902cefb1d808f664efed09cf74c6874d77d666c70e77b550da4d39e6dea11 |
| graphviz_2.26.3.orig.tar.gz | 16.3 MiB | f410996e69b1095237c2128deae5fc7b6ce99055b095271abb14447bc2f37fa1 |
| graphviz_2.26.3-16.1.debian.tar.gz | 53.8 KiB | 4b0e9ed81c3a39b54984091d64a51b957082723187362118086465cd95ea1aba |
No changes file available.
