Candidate: CVE-2017-12951
PublicDate: 2017-08-28 19:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12951
 http://seclists.org/fulldisclosure/2017/Aug/39
Description:
 The gig::DimensionRegion::CreateVelocityTable function in gig.cpp in
 libgig 4.0.0 allows remote attackers to cause a denial of service
 (stack-based buffer over-read and application crash) via a crafted gig
 file.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H [6.5 MEDIUM]

Patches_libgig:
upstream_libgig: released (4.0.0-5)
precise/esm_libgig: DNE
trusty_libgig: ignored (reached end-of-life)
trusty/esm_libgig: DNE (trusty was needed)
vivid/ubuntu-core_libgig: DNE
xenial_libgig: ignored (end of standard support, was needed)
zesty_libgig: ignored (reached end-of-life)
artful_libgig: ignored (reached end-of-life)
bionic_libgig: not-affected (4.1.0~repack-2)
cosmic_libgig: not-affected (4.1.0~repack-2)
disco_libgig: not-affected (4.1.0~repack-2)
eoan_libgig: not-affected (4.1.0~repack-2)
focal_libgig: not-affected (4.1.0~repack-2)
groovy_libgig: not-affected (4.1.0~repack-2)
hirsute_libgig: not-affected (4.1.0~repack-2)
impish_libgig: not-affected (4.1.0~repack-2)
jammy_libgig: not-affected (4.1.0~repack-2)
devel_libgig: not-affected (4.1.0~repack-2)