Package: fig2dev | Debian Sources

Package: fig2dev / 1:3.2.8b-3+deb12u2

Metadata

Package	Version	Patches format
fig2dev	1:3.2.8b-3+deb12u2	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
29_RGBFILE.patch \| (download)	fig2dev/colors.c \| 7 6 + 1 - 0 ! 1 file changed, 6 insertions(+), 1 deletion(-)	rgb.txt can not be located via fig2dev_rgbfile environment variable. This allows one to run the test suite without the package being installed before.
30_epsimport.patch \| (download)	fig2dev/dev/readeps.c \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	[patch] correct a typo causing incorrect eps import, #137
31_testsuite gs9.56.patch \| (download)	fig2dev/tests/bitmaps.at \| 4 2 + 2 - 0 ! 1 file changed, 2 insertions(+), 2 deletions(-)	adapt testsuite to cope with ghostscript 9.56
32_pass_langname.patch \| (download)	fig2dev/fig2dev.c \| 2 1 + 1 - 0 ! fig2dev/tests/input.at \| 14 10 + 4 - 0 ! 2 files changed, 11 insertions(+), 5 deletions(-)	pass output language name to driver, ticket #139 The output driver is first guessed from the output filename suffix, and the output driver is called with the -L option. If the -L option is specified on the command line, the output driver is called a second time, overriding the first call. In the first call, the language name was not passed to the driver. This is now fixed. A regression from commit [b4a152].
33_sanitize_rect.patch \| (download)	fig2dev/read.c \| 2 2 + 0 - 0 ! fig2dev/tests/read.at \| 14 12 + 2 - 0 ! 2 files changed, 14 insertions(+), 2 deletions(-)	sanitize rectangles with less than 4 corners, #142 Box objects, e.g., rectangles, were closed and probably further sanitized, regardless of the number of points. Only close boxes, and probably sanitize them further, if they have at least four points. A NULL pointer dereference was triggered for the gbx output language, ticket [#142].
34_sanitize_arc.patch \| (download)	fig2dev/read.c \| 50 48 + 2 - 0 ! fig2dev/tests/output.at \| 4 2 + 2 - 0 ! 2 files changed, 50 insertions(+), 4 deletions(-)	sanitize arc objects Make sure, that the radius of an arc is larger than one Fig unit. Also, let the distance between the center and the last point on the arc be equal to the distance between the center and the first point on the arc.
35_pict2e_output.patch \| (download)	fig2dev/dev/genpict2e.c \| 100 59 + 41 - 0 ! fig2dev/tests/output.at \| 25 25 + 0 - 0 ! 2 files changed, 84 insertions(+), 41 deletions(-)	pict2e output: arcs ending at multiples of pi/4, #145, #148 For the pict2e output language, arcs are drawn by first constructing a circle of the same radius, generated from a spline. A section corresponding to the arc angle is then cut out from the line forming the circle. Find the end point on the circle by comparing the short coordinate of each point with the sinus or cosinus, respectively, of the end angle times the radius of the circle. Comparing the long coordinate, apart from being a glancing intersection, may fail, since the constructed spline slightly wobbles around the true radius. Less than 1.5 promille, but enough to trigger an error, see tickets #145 and #148.
36_arrowhead.patch \| (download)	fig2dev/dev/genmp.c \| 4 3 + 1 - 0 ! fig2dev/dev/genpict2e.c \| 2 2 + 0 - 0 ! fig2dev/dev/genps.c \| 5 4 + 1 - 0 ! fig2dev/tests/output.at \| 9 9 + 0 - 0 ! 4 files changed, 18 insertions(+), 2 deletions(-)	accept arrowheads without any points, ticket #146 If an arrowhead does not contain any point, fig2dev only crashes for the pict2e output language. Nevertheless, check the number of points in an arrowhead also for the mp and ps output languages.
37_arrow2point.patch \| (download)	fig2dev/dev/genpict2e.c \| 7 4 + 3 - 0 ! fig2dev/tests/output.at \| 22 21 + 1 - 0 ! 2 files changed, 25 insertions(+), 4 deletions(-)	arrow on a two-point, 0 thickness line, ticket #147 In a specially crafted fig file with magnification 12 instead of 1200, an arrow on a short line resulted in invalid memory access.
38_CVE 2025 31162.patch \| (download)	fig2dev/object.h \| 3 2 + 1 - 0 ! 1 file changed, 2 insertions(+), 1 deletion(-)	reject huge pattern lengths, ticket #185 Reject patterned lines, e.g., dashed lines, where the pattern length exceeds 80 inches. This fixes CVE-2025-31162
39_CVE 2025 31163.patch \| (download)	fig2dev/object.h \| 14 9 + 5 - 0 ! fig2dev/tests/read.at \| 10 10 + 0 - 0 ! 2 files changed, 19 insertions(+), 5 deletions(-)	reject arcs with co-incident points, ticket #186 This fixes CVE-2025-31163.
40_CVE 2025 31164.patch \| (download)	fig2dev/read.c \| 8 8 + 0 - 0 ! fig2dev/tests/read.at \| 11 11 + 0 - 0 ! 2 files changed, 19 insertions(+)	allow an arc-box with zero radius, ticket #184 In the pict2e output, a rectangle with rounded corners, dashed line type and zero corner-radius would cause a crash. Convert rectangles with rounded corners and zero corner-radius to regular rectangles. This fixes CVE-2025-31164.
41_CVE 2025 46397.patch \| (download)	fig2dev/read.c \| 7 5 + 2 - 0 ! fig2dev/tests/read.at \| 19 19 + 0 - 0 ! 2 files changed, 24 insertions(+), 2 deletions(-)	detect nan in spline control values, ticket #192 Fixes CVE-2025-46397
42_CVE 2025 46398.patch \| (download)	fig2dev/read.c \| 3 2 + 1 - 0 ! 1 file changed, 2 insertions(+), 1 deletion(-)	permit \0 in the second line in the fig file, #191 Fix CVE-2025-46398
43_CVE 2025 46399.patch \| (download)	fig2dev/dev/genge.c \| 3 1 + 2 - 0 ! 1 file changed, 1 insertion(+), 2 deletions(-)	ge output: correct spline computation, ticket #190 Fix CVE-2025-46399
44_CVE 2025 46400.patch \| (download)	fig2dev/object.h \| 8 7 + 1 - 0 ! fig2dev/read1_3.c \| 6 6 + 0 - 0 ! 2 files changed, 13 insertions(+), 1 deletion(-)	reject arcs with a radius smaller than 3, #187 An arc with too small radius caused a crash in pict2e output. Instead of dealing with such arcs in the pict2e driver, reject them already when reading. Fixes CVE-2025-46400

1