CVE-2018-19492

Priority
Description
An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an
attacker to conduct a buffer overflow with an arbitrary amount of data in
the cairotrm_options function. This flaw is caused by a missing size check
of an argument passed to the "set font" function. This issue occurs when
the Gnuplot pngcairo terminal is used as a backend.
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):needed
Ubuntu 16.04 LTS (Xenial Xerus):released (4.6.6-3ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver):needed
Ubuntu 20.04 LTS (Focal Fossa):needed
Ubuntu 20.10 (Groovy Gorilla):needed
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
More Information

Updated: 2020-09-26 02:17:03 UTC (commit dabd3af71e401b9fb6a4a072047eea5835e510be)