Information on source package leptonlib

Available versions

ReleaseVersion
buster1.76.0-1+deb10u1
bullseye1.79.0-1.1
bookworm1.82.0-3
sid1.82.0-3

Open issues

BugbusterbullseyebookwormsidDescription
CVE-2022-38266vulnerable (no DSA, postponed)vulnerable (no DSA)fixedfixedAn issue in the Leptonica linked library (v1.79.0) allows attackers to ...

Resolved issues

BugDescription
TEMP-0830660-09AE85Insecure use of /tmp
CVE-2020-36281Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFew ...
CVE-2020-36280Leptonica before 1.80.0 allows a heap-based buffer over-read in pixRea ...
CVE-2020-36279Leptonica before 1.80.0 allows a heap-based buffer over-read in raster ...
CVE-2020-36278Leptonica before 1.80.0 allows a heap-based buffer over-read in findNe ...
CVE-2020-36277Leptonica before 1.80.0 allows a denial of service (application crash) ...
CVE-2018-7442An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutp ...
CVE-2018-7441Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which might al ...
CVE-2018-7440An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutp ...
CVE-2018-7247An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Lepto ...
CVE-2018-7186Leptonica before 1.75.3 does not limit the number of characters in a % ...
CVE-2018-3836An exploitable command injection vulnerability exists in the gplotMake ...
CVE-2017-18196Leptonica 1.74.4 constructs unintended pathnames (containing duplicate ...

Security announcements

DSA / DLADescription
DLA-2612-1leptonlib - security update
DLA-1302-1leptonlib - security update
DLA-1284-1leptonlib - security update

Search for package or bug name: Reporting problems