| Release | Version |
|---|---|
| jessie | 1.71-2.1 |
| stretch | 1.74.1-1 |
| buster | 1.76.0-1 |
| sid | 1.76.0-1 |
| Bug | jessie | stretch | buster | sid | Description |
|---|---|---|---|---|---|
| CVE-2018-7442 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | An issue was discovered in Leptonica through 1.75.3. The ... |
| CVE-2018-7186 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Leptonica before 1.75.3 does not limit the number of characters in a %s ... |
| CVE-2018-3836 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | An exploitable command injection vulnerability exists in the ... |
| CVE-2017-18196 | fixed | vulnerable (no DSA) | fixed | fixed | Leptonica 1.74.4 constructs unintended pathnames (containing duplicated ... |
| Bug | jessie | stretch | buster | sid | Description |
|---|---|---|---|---|---|
| TEMP-0830660-09AE85 | vulnerable | fixed | fixed | fixed | Insecure use of /tmp |
| CVE-2018-7441 | vulnerable | vulnerable | fixed | fixed | Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which might ... |
| CVE-2018-7247 | vulnerable | vulnerable | fixed | fixed | An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in ... |
| Bug | Description |
|---|---|
| CVE-2018-7440 | An issue was discovered in Leptonica through 1.75.3. The ... |
| DSA / DLA | Description |
|---|---|
| DLA-1302-1 | leptonlib - security update |
| DLA-1284-1 | leptonlib - security update |