——————————————————————————–
Fedora Update Notification
FEDORA-2017-d7739ff31b
2017-08-15 15:09:05.882153
——————————————————————————–
Name : potrace
Product : Fedora 25
Version : 1.15
Release : 1.fc25
URL : http://potrace.sourceforge.net
Summary : Transform bitmaps into vector graphics
Description :
Potrace is a utility for tracing a bitmap, which means, transforming a bitmap
into a smooth, scalable image. The input is a bitmap (PBM, PGM, PPM, or BMP
format), and the default output is an encapsulated PostScript file (EPS).
A typical use is to create EPS files from scanned data, such as company or
university logos, handwritten notes, etc. The resulting image is not “jaggy”
like a bitmap, but smooth. It can then be rendered at any resolution.
Potrace can currently produce the following output formats: EPS, PostScript,
PDF, SVG (scalable vector graphics), Xfig, Gimppath, and PGM (for easy
antialiasing). Additional backends might be added in the future.
Mkbitmap is a program distributed with Potrace which can be used to pre-process
the input for better tracing behavior on greyscale and color images.
——————————————————————————–
Update Information:
This release consists of bugfixes and minor portability improvements. Some
potential buffer overflows and arithmetic overflows were fixed, including
CVE-2017-12067. A bug triggered by very large bitmaps has been fixed.
——————————————————————————–
References:
[ 1 ] Bug #1477104 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477104
[ 2 ] Bug #1385513 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385513
[ 3 ] Bug #1477105 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477105
[ 4 ] Bug #1385512 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385512
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade potrace’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2017-d7739ff31b
2017-08-15 15:09:05.882153
——————————————————————————–
Name : potrace
Product : Fedora 25
Version : 1.15
Release : 1.fc25
URL : http://potrace.sourceforge.net
Summary : Transform bitmaps into vector graphics
Description :
Potrace is a utility for tracing a bitmap, which means, transforming a bitmap
into a smooth, scalable image. The input is a bitmap (PBM, PGM, PPM, or BMP
format), and the default output is an encapsulated PostScript file (EPS).
A typical use is to create EPS files from scanned data, such as company or
university logos, handwritten notes, etc. The resulting image is not “jaggy”
like a bitmap, but smooth. It can then be rendered at any resolution.
Potrace can currently produce the following output formats: EPS, PostScript,
PDF, SVG (scalable vector graphics), Xfig, Gimppath, and PGM (for easy
antialiasing). Additional backends might be added in the future.
Mkbitmap is a program distributed with Potrace which can be used to pre-process
the input for better tracing behavior on greyscale and color images.
——————————————————————————–
Update Information:
This release consists of bugfixes and minor portability improvements. Some
potential buffer overflows and arithmetic overflows were fixed, including
CVE-2017-12067. A bug triggered by very large bitmaps has been fixed.
——————————————————————————–
References:
[ 1 ] Bug #1477104 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477104
[ 2 ] Bug #1385513 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385513
[ 3 ] Bug #1477105 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477105
[ 4 ] Bug #1385512 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385512
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade potrace’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2017-d7739ff31b
2017-08-15 15:09:05.882153
——————————————————————————–
Name : potrace
Product : Fedora 25
Version : 1.15
Release : 1.fc25
URL : http://potrace.sourceforge.net
Summary : Transform bitmaps into vector graphics
Description :
Potrace is a utility for tracing a bitmap, which means, transforming a bitmap
into a smooth, scalable image. The input is a bitmap (PBM, PGM, PPM, or BMP
format), and the default output is an encapsulated PostScript file (EPS).
A typical use is to create EPS files from scanned data, such as company or
university logos, handwritten notes, etc. The resulting image is not “jaggy”
like a bitmap, but smooth. It can then be rendered at any resolution.
Potrace can currently produce the following output formats: EPS, PostScript,
PDF, SVG (scalable vector graphics), Xfig, Gimppath, and PGM (for easy
antialiasing). Additional backends might be added in the future.
Mkbitmap is a program distributed with Potrace which can be used to pre-process
the input for better tracing behavior on greyscale and color images.
——————————————————————————–
Update Information:
This release consists of bugfixes and minor portability improvements. Some
potential buffer overflows and arithmetic overflows were fixed, including
CVE-2017-12067. A bug triggered by very large bitmaps has been fixed.
——————————————————————————–
References:
[ 1 ] Bug #1477104 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477104
[ 2 ] Bug #1385513 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385513
[ 3 ] Bug #1477105 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477105
[ 4 ] Bug #1385512 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385512
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade potrace’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2017-d7739ff31b
2017-08-15 15:09:05.882153
——————————————————————————–
Name : potrace
Product : Fedora 25
Version : 1.15
Release : 1.fc25
URL : http://potrace.sourceforge.net
Summary : Transform bitmaps into vector graphics
Description :
Potrace is a utility for tracing a bitmap, which means, transforming a bitmap
into a smooth, scalable image. The input is a bitmap (PBM, PGM, PPM, or BMP
format), and the default output is an encapsulated PostScript file (EPS).
A typical use is to create EPS files from scanned data, such as company or
university logos, handwritten notes, etc. The resulting image is not “jaggy”
like a bitmap, but smooth. It can then be rendered at any resolution.
Potrace can currently produce the following output formats: EPS, PostScript,
PDF, SVG (scalable vector graphics), Xfig, Gimppath, and PGM (for easy
antialiasing). Additional backends might be added in the future.
Mkbitmap is a program distributed with Potrace which can be used to pre-process
the input for better tracing behavior on greyscale and color images.
——————————————————————————–
Update Information:
This release consists of bugfixes and minor portability improvements. Some
potential buffer overflows and arithmetic overflows were fixed, including
CVE-2017-12067. A bug triggered by very large bitmaps has been fixed.
——————————————————————————–
References:
[ 1 ] Bug #1477104 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477104
[ 2 ] Bug #1385513 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385513
[ 3 ] Bug #1477105 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477105
[ 4 ] Bug #1385512 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385512
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade potrace’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2017-d7739ff31b
2017-08-15 15:09:05.882153
——————————————————————————–
Name : potrace
Product : Fedora 25
Version : 1.15
Release : 1.fc25
URL : http://potrace.sourceforge.net
Summary : Transform bitmaps into vector graphics
Description :
Potrace is a utility for tracing a bitmap, which means, transforming a bitmap
into a smooth, scalable image. The input is a bitmap (PBM, PGM, PPM, or BMP
format), and the default output is an encapsulated PostScript file (EPS).
A typical use is to create EPS files from scanned data, such as company or
university logos, handwritten notes, etc. The resulting image is not “jaggy”
like a bitmap, but smooth. It can then be rendered at any resolution.
Potrace can currently produce the following output formats: EPS, PostScript,
PDF, SVG (scalable vector graphics), Xfig, Gimppath, and PGM (for easy
antialiasing). Additional backends might be added in the future.
Mkbitmap is a program distributed with Potrace which can be used to pre-process
the input for better tracing behavior on greyscale and color images.
——————————————————————————–
Update Information:
This release consists of bugfixes and minor portability improvements. Some
potential buffer overflows and arithmetic overflows were fixed, including
CVE-2017-12067. A bug triggered by very large bitmaps has been fixed.
——————————————————————————–
References:
[ 1 ] Bug #1477104 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477104
[ 2 ] Bug #1385513 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385513
[ 3 ] Bug #1477105 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477105
[ 4 ] Bug #1385512 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385512
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade potrace’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2017-d7739ff31b
2017-08-15 15:09:05.882153
——————————————————————————–
Name : potrace
Product : Fedora 25
Version : 1.15
Release : 1.fc25
URL : http://potrace.sourceforge.net
Summary : Transform bitmaps into vector graphics
Description :
Potrace is a utility for tracing a bitmap, which means, transforming a bitmap
into a smooth, scalable image. The input is a bitmap (PBM, PGM, PPM, or BMP
format), and the default output is an encapsulated PostScript file (EPS).
A typical use is to create EPS files from scanned data, such as company or
university logos, handwritten notes, etc. The resulting image is not “jaggy”
like a bitmap, but smooth. It can then be rendered at any resolution.
Potrace can currently produce the following output formats: EPS, PostScript,
PDF, SVG (scalable vector graphics), Xfig, Gimppath, and PGM (for easy
antialiasing). Additional backends might be added in the future.
Mkbitmap is a program distributed with Potrace which can be used to pre-process
the input for better tracing behavior on greyscale and color images.
——————————————————————————–
Update Information:
This release consists of bugfixes and minor portability improvements. Some
potential buffer overflows and arithmetic overflows were fixed, including
CVE-2017-12067. A bug triggered by very large bitmaps has been fixed.
——————————————————————————–
References:
[ 1 ] Bug #1477104 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477104
[ 2 ] Bug #1385513 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385513
[ 3 ] Bug #1477105 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477105
[ 4 ] Bug #1385512 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385512
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade potrace’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2017-d7739ff31b
2017-08-15 15:09:05.882153
——————————————————————————–
Name : potrace
Product : Fedora 25
Version : 1.15
Release : 1.fc25
URL : http://potrace.sourceforge.net
Summary : Transform bitmaps into vector graphics
Description :
Potrace is a utility for tracing a bitmap, which means, transforming a bitmap
into a smooth, scalable image. The input is a bitmap (PBM, PGM, PPM, or BMP
format), and the default output is an encapsulated PostScript file (EPS).
A typical use is to create EPS files from scanned data, such as company or
university logos, handwritten notes, etc. The resulting image is not “jaggy”
like a bitmap, but smooth. It can then be rendered at any resolution.
Potrace can currently produce the following output formats: EPS, PostScript,
PDF, SVG (scalable vector graphics), Xfig, Gimppath, and PGM (for easy
antialiasing). Additional backends might be added in the future.
Mkbitmap is a program distributed with Potrace which can be used to pre-process
the input for better tracing behavior on greyscale and color images.
——————————————————————————–
Update Information:
This release consists of bugfixes and minor portability improvements. Some
potential buffer overflows and arithmetic overflows were fixed, including
CVE-2017-12067. A bug triggered by very large bitmaps has been fixed.
——————————————————————————–
References:
[ 1 ] Bug #1477104 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477104
[ 2 ] Bug #1385513 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385513
[ 3 ] Bug #1477105 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477105
[ 4 ] Bug #1385512 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385512
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade potrace’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2017-d7739ff31b
2017-08-15 15:09:05.882153
——————————————————————————–
Name : potrace
Product : Fedora 25
Version : 1.15
Release : 1.fc25
URL : http://potrace.sourceforge.net
Summary : Transform bitmaps into vector graphics
Description :
Potrace is a utility for tracing a bitmap, which means, transforming a bitmap
into a smooth, scalable image. The input is a bitmap (PBM, PGM, PPM, or BMP
format), and the default output is an encapsulated PostScript file (EPS).
A typical use is to create EPS files from scanned data, such as company or
university logos, handwritten notes, etc. The resulting image is not “jaggy”
like a bitmap, but smooth. It can then be rendered at any resolution.
Potrace can currently produce the following output formats: EPS, PostScript,
PDF, SVG (scalable vector graphics), Xfig, Gimppath, and PGM (for easy
antialiasing). Additional backends might be added in the future.
Mkbitmap is a program distributed with Potrace which can be used to pre-process
the input for better tracing behavior on greyscale and color images.
——————————————————————————–
Update Information:
This release consists of bugfixes and minor portability improvements. Some
potential buffer overflows and arithmetic overflows were fixed, including
CVE-2017-12067. A bug triggered by very large bitmaps has been fixed.
——————————————————————————–
References:
[ 1 ] Bug #1477104 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477104
[ 2 ] Bug #1385513 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385513
[ 3 ] Bug #1477105 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477105
[ 4 ] Bug #1385512 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385512
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade potrace’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2017-d7739ff31b
2017-08-15 15:09:05.882153
——————————————————————————–
Name : potrace
Product : Fedora 25
Version : 1.15
Release : 1.fc25
URL : http://potrace.sourceforge.net
Summary : Transform bitmaps into vector graphics
Description :
Potrace is a utility for tracing a bitmap, which means, transforming a bitmap
into a smooth, scalable image. The input is a bitmap (PBM, PGM, PPM, or BMP
format), and the default output is an encapsulated PostScript file (EPS).
A typical use is to create EPS files from scanned data, such as company or
university logos, handwritten notes, etc. The resulting image is not “jaggy”
like a bitmap, but smooth. It can then be rendered at any resolution.
Potrace can currently produce the following output formats: EPS, PostScript,
PDF, SVG (scalable vector graphics), Xfig, Gimppath, and PGM (for easy
antialiasing). Additional backends might be added in the future.
Mkbitmap is a program distributed with Potrace which can be used to pre-process
the input for better tracing behavior on greyscale and color images.
——————————————————————————–
Update Information:
This release consists of bugfixes and minor portability improvements. Some
potential buffer overflows and arithmetic overflows were fixed, including
CVE-2017-12067. A bug triggered by very large bitmaps has been fixed.
——————————————————————————–
References:
[ 1 ] Bug #1477104 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477104
[ 2 ] Bug #1385513 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385513
[ 3 ] Bug #1477105 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477105
[ 4 ] Bug #1385512 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385512
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade potrace’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2017-d7739ff31b
2017-08-15 15:09:05.882153
——————————————————————————–
Name : potrace
Product : Fedora 25
Version : 1.15
Release : 1.fc25
URL : http://potrace.sourceforge.net
Summary : Transform bitmaps into vector graphics
Description :
Potrace is a utility for tracing a bitmap, which means, transforming a bitmap
into a smooth, scalable image. The input is a bitmap (PBM, PGM, PPM, or BMP
format), and the default output is an encapsulated PostScript file (EPS).
A typical use is to create EPS files from scanned data, such as company or
university logos, handwritten notes, etc. The resulting image is not “jaggy”
like a bitmap, but smooth. It can then be rendered at any resolution.
Potrace can currently produce the following output formats: EPS, PostScript,
PDF, SVG (scalable vector graphics), Xfig, Gimppath, and PGM (for easy
antialiasing). Additional backends might be added in the future.
Mkbitmap is a program distributed with Potrace which can be used to pre-process
the input for better tracing behavior on greyscale and color images.
——————————————————————————–
Update Information:
This release consists of bugfixes and minor portability improvements. Some
potential buffer overflows and arithmetic overflows were fixed, including
CVE-2017-12067. A bug triggered by very large bitmaps has been fixed.
——————————————————————————–
References:
[ 1 ] Bug #1477104 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477104
[ 2 ] Bug #1385513 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385513
[ 3 ] Bug #1477105 – CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1477105
[ 4 ] Bug #1385512 – CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1385512
——————————————————————————–
This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade potrace’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org