| Release | Version |
|---|---|
| bullseye | 1.16.0-5 |
| bookworm | 1.16.0-7 |
| trixie | 1.18.2-2 |
| sid | 1.18.2-2 |
| Bug | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|
| CVE-2019-6462 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | An issue was discovered in cairo 1.16.0. There is an infinite loop in ... |
| CVE-2019-6461 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | An issue was discovered in cairo 1.16.0. There is an assertion problem ... |
| CVE-2018-18064 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | vulnerable | vulnerable | cairo through 1.15.14 has an out-of-bounds stack-memory write during p ... |
| CVE-2017-7475 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | vulnerable | vulnerable | Cairo version 1.15.4 is vulnerable to a NULL pointer dereference relat ... |
| Bug | Description |
|---|---|
| CVE-2020-35492 | A flaw was found in cairo's image-compositor.c in all versions prior t ... |
| CVE-2018-19876 | cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would ... |
| CVE-2017-9814 | cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote atta ... |
| CVE-2016-9082 | Integer overflow in the write_png function in cairo 1.14.6 allows remo ... |
| CVE-2016-3190 | The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c ... |
| CVE-2009-2044 | Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to ... |
| DSA / DLA | Description |
|---|---|
| DLA-2518-1 | cairo - security update |
| DLA-688-1 | cairo - security update |