Information on source package graphviz

Available versions

ReleaseVersion
jessie2.38.0-7
stretch2.38.0-17
buster2.40.1-5
sid2.40.1-5

Open issues

BugjessiestretchbustersidDescription
CVE-2018-10196vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableNULL pointer dereference vulnerability in the rebuild_vlists function ...

Resolved issues

BugDescription
CVE-2014-9157Format string vulnerability in the yyerror function in ...
CVE-2014-1236Stack-based buffer overflow in the chkNum function in ...
CVE-2014-1235Stack-based buffer overflow in the "yyerror" function in Graphviz ...
CVE-2014-0978Stack-based buffer overflow in the yyerror function in ...
CVE-2009-3736ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as ...
CVE-2008-4555Stack-based buffer overflow in the push_subg function in parser.y ...
CVE-2005-4803graphviz before 2.2.1 allows local users to overwrite arbitrary files ...

Security announcements

DSA / DLADescription
DSA-3098-1graphviz - security update
DLA-105-1graphviz - security update
DSA-2843-1graphviz - buffer overflow
DSA-2843-1graphviz - buffer overflow
DSA-857-1graphviz - insecure temporary file

Search for package or bug name: Reporting problems