CVE-2016-9082

Priority
Description
Integer overflow in the write_png function in cairo 1.14.6 allows remote
attackers to cause a denial of service (invalid pointer dereference) via a
large svg file.
Package
Source: cairo (LP Ubuntu Debian)
Upstream:released (1.14.6-1.1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 LTS (Trusty Tahr):needed
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (1.14.6-1.1)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (1.14.6-1.1)
Ubuntu 19.04 (Disco Dingo):not-affected (1.14.6-1.1)
Patches:
Upstream:https://cgit.freedesktop.org/cairo/commit/?id=38fbe621cf80d560cfc27b54b5417b62cda64c8a
More Information

Updated: 2019-01-14 21:21:36 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)