Information on source package leptonlib

Available versions

ReleaseVersion
stretch1.74.1-1
stretch (security)1.74.1-1+deb9u1
buster1.76.0-1+deb10u1
bullseye1.79.0-1.1
bookworm1.82.0-3
sid1.82.0-3

Open issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2018-7442vulnerable (no DSA)fixedfixedfixedfixedAn issue was discovered in Leptonica through 1.75.3. The gplotMakeOutp ...
CVE-2018-7186vulnerable (no DSA)fixedfixedfixedfixedLeptonica before 1.75.3 does not limit the number of characters in a % ...
CVE-2018-3836vulnerable (no DSA)fixedfixedfixedfixedAn exploitable command injection vulnerability exists in the gplotMake ...
CVE-2017-18196vulnerable (no DSA)fixedfixedfixedfixedLeptonica 1.74.4 constructs unintended pathnames (containing duplicate ...

Open unimportant issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2018-7441vulnerablefixedfixedfixedfixedLeptonica through 1.75.3 uses hardcoded /tmp pathnames, which might al ...
CVE-2018-7247vulnerablefixedfixedfixedfixedAn issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Lepto ...

Resolved issues

BugDescription
TEMP-0830660-09AE85Insecure use of /tmp
CVE-2020-36281Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFew ...
CVE-2020-36280Leptonica before 1.80.0 allows a heap-based buffer over-read in pixRea ...
CVE-2020-36279Leptonica before 1.80.0 allows a heap-based buffer over-read in raster ...
CVE-2020-36278Leptonica before 1.80.0 allows a heap-based buffer over-read in findNe ...
CVE-2020-36277Leptonica before 1.80.0 allows a denial of service (application crash) ...
CVE-2018-7440An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutp ...

Security announcements

DSA / DLADescription
DLA-2612-1leptonlib - security update
DLA-1302-1leptonlib - security update
DLA-1284-1leptonlib - security update
Search for package or bug name: Reporting problems