Package: fig2dev / 1:3.2.8b-3+deb12u1

Metadata

Package Version Patches format
fig2dev 1:3.2.8b-3+deb12u1 3.0 (quilt)

Patch series

Patch File delta Description
29_RGBFILE.patch

fig2dev/colors.c | 7 6 + 1 - 0 !
1 file changed, 6 insertions(+), 1 deletion(-)

 rgb.txt can not be located via fig2dev_rgbfile environment variable.
 This allows one to run the test suite without the package being
 installed before.

30_epsimport.patch

fig2dev/dev/readeps.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 [patch] correct a typo causing incorrect eps import, #137


31_testsuite gs9.56.patch

fig2dev/tests/bitmaps.at | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 adapt testsuite to cope with ghostscript 9.56

32_pass_langname.patch

fig2dev/fig2dev.c | 2 1 + 1 - 0 !
fig2dev/tests/input.at | 14 10 + 4 - 0 !
2 files changed, 11 insertions(+), 5 deletions(-)

 pass output language name to driver, ticket #139
 The output driver is first guessed from the output filename suffix, and the
 output driver is called with the -L option. If the -L option is specified on
 the command line, the output driver is called a second time, overriding the
 first call. In the first call, the language name was not passed to the driver.
 This is now fixed. A regression from commit [b4a152].


33_sanitize_rect.patch

fig2dev/read.c | 2 2 + 0 - 0 !
fig2dev/tests/read.at | 14 12 + 2 - 0 !
2 files changed, 14 insertions(+), 2 deletions(-)

 sanitize rectangles with less than 4 corners, #142
 Box objects, e.g., rectangles, were closed and probably further sanitized,
 regardless of the number of points. Only close boxes, and probably sanitize
 them further, if they have at least four points. A NULL pointer dereference
 was triggered for the gbx output language, ticket [#142].


34_sanitize_arc.patch

fig2dev/read.c | 50 48 + 2 - 0 !
fig2dev/tests/output.at | 4 2 + 2 - 0 !
2 files changed, 50 insertions(+), 4 deletions(-)

 sanitize arc objects
 Make sure that the radius of an arc is larger than one Fig unit. Also, let
 the distance between the center and the last point on the arc be equal to the
 distance between the center and the first point on the arc.


35_pict2e_output.patch

fig2dev/dev/genpict2e.c | 100 59 + 41 - 0 !
fig2dev/tests/output.at | 25 25 + 0 - 0 !
2 files changed, 84 insertions(+), 41 deletions(-)

 pict2e output: arcs ending at multiples of pi/4, #145, #148
 For the pict2e output language, arcs are drawn by first constructing a circle
 of the same radius, generated from a spline. A section corresponding to the
 arc angle is then cut out from the line forming the circle. Find the end point
 on the circle by comparing the short coordinate of each point with the sine
 or cosine, respectively, of the end angle times the radius of the circle.
 Comparing the long coordinate, apart from being a glancing intersection, may
 fail, since the constructed spline slightly wobbles around the true radius.
 Less than 1.5 promille, but enough to trigger an error, see tickets #145 and
 #148.


36_arrowhead.patch

fig2dev/dev/genmp.c | 4 3 + 1 - 0 !
fig2dev/dev/genpict2e.c | 2 2 + 0 - 0 !
fig2dev/dev/genps.c | 5 4 + 1 - 0 !
fig2dev/tests/output.at | 9 9 + 0 - 0 !
4 files changed, 18 insertions(+), 2 deletions(-)

 accept arrowheads without any points, ticket #146
 If an arrowhead does not contain any point, fig2dev only crashes for the
 pict2e output language. Nevertheless, check the number of points in an
 arrowhead also for the mp and ps output languages.


37_arrow2point.patch

fig2dev/dev/genpict2e.c | 7 4 + 3 - 0 !
fig2dev/tests/output.at | 22 21 + 1 - 0 !
2 files changed, 25 insertions(+), 4 deletions(-)

 arrow on a two-point, 0 thickness line, ticket #147
 In a specially crafted fig file with magnification 12 instead of 1200, an
 arrow on a short line resulted in invalid memory access.


38_CVE 2025 31162.patch

fig2dev/object.h | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

 reject huge pattern lengths, ticket #185
 Reject patterned lines, e.g., dashed lines, where the pattern length exceeds
 80 inches.
 This fixes CVE-2025-31162.


39_CVE 2025 31163.patch

fig2dev/object.h | 14 9 + 5 - 0 !
fig2dev/tests/read.at | 10 10 + 0 - 0 !
2 files changed, 19 insertions(+), 5 deletions(-)

 reject arcs with co-incident points, ticket #186
 This fixes CVE-2025-31163.


40_CVE 2025 31164.patch

fig2dev/read.c | 8 8 + 0 - 0 !
fig2dev/tests/read.at | 11 11 + 0 - 0 !
2 files changed, 19 insertions(+)

 allow an arc-box with zero radius, ticket #184
 In the pict2e output, a rectangle with rounded corners, dashed line type and
 zero corner-radius would cause a crash. Convert rectangles with rounded
 corners and zero corner-radius to regular rectangles.
 This fixes CVE-2025-31164.