Register | Log in

cairo

Choose email to subscribe with

general

source: cairo (main)
version: 1.18.0-1
maintainer: Debian GNOME Maintainers (archive) (DMD)
uploaders: Laurent Bigonville [DMD] – Emilio Pozuelo Monfort [DMD] – Michael Biebl [DMD] – Iain Lane [DMD] – Jeremy Bícha [DMD]
arch: all any
std-ver: 4.6.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.16.0-4+deb10u1
oldstable: 1.16.0-5
stable: 1.16.0-7
testing: 1.18.0-1
unstable: 1.18.0-1

versioned links

1.16.0-4+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.16.0-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.16.0-7: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.18.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libcairo-gobject2
libcairo-script-interpreter2
libcairo2 (45 bugs: 0, 44, 1, 0)
libcairo2-dev (1 bugs: 0, 1, 0, 0)
libcairo2-doc
libcairo2-udeb

action needed

2 security issues in trixie high

There are 2 open security issues in trixie.

2 important issues:

CVE-2017-7475: Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.
CVE-2018-18064: cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).

Created: 2023-06-11 Last update: 2023-09-29 07:39

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2017-7475: Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.
CVE-2018-18064: cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).

Created: 2022-07-04 Last update: 2023-09-29 07:39

3 bugs tagged patch in the BTS normal

The BTS contains patches fixing 3 bugs, consider including or untagging them.

Created: 2023-09-13 Last update: 2023-10-04 04:00

Depends on packages which need a new maintainer normal

The packages that cairo depends on which need a new maintainer are:

ghostscript (#1022718)
- Build-Depends: ghostscript

Created: 2023-09-06 Last update: 2023-10-04 03:03

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2023-09-06 Last update: 2023-09-06 21:11

No known security issue in bullseye wishlist

There are 4 open security issues in bullseye.

4 ignored issues:

CVE-2017-7475: Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.
CVE-2019-6461: An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.
CVE-2019-6462: An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized.
CVE-2018-18064: cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).

Created: 2022-07-04 Last update: 2023-09-29 07:39

No known security issue in bookworm wishlist

There are 4 open security issues in bookworm.

4 ignored issues:

CVE-2017-7475: Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.
CVE-2019-6461: An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.
CVE-2019-6462: An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized.
CVE-2018-18064: cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).

Created: 2023-06-10 Last update: 2023-09-29 07:39

news

[2023-09-29] cairo 1.18.0-1 MIGRATED to testing (Debian testing watch)
[2023-09-23] Accepted cairo 1.18.0-1 (source) into unstable (Jeremy Bícha) (signed by: Jeremy Bicha)
[2023-09-11] cairo 1.17.8-3 MIGRATED to testing (Debian testing watch)
[2023-09-06] Accepted cairo 1.17.8-3 (source) into unstable (Jeremy Bícha) (signed by: Jeremy Bicha)
[2023-07-02] Accepted cairo 1.17.8-2 (source) into experimental (Jeremy Bícha) (signed by: Jeremy Bicha)
[2023-07-01] Accepted cairo 1.17.8-1 (source) into experimental (Jeremy Bícha) (signed by: Jeremy Bicha)
[2022-12-15] cairo 1.16.0-7 MIGRATED to testing (Debian testing watch)
[2022-12-15] cairo 1.16.0-7 MIGRATED to testing (Debian testing watch)
[2022-12-09] Accepted cairo 1.16.0-7 (source) into unstable (Jeremy Bicha)
[2022-07-18] cairo 1.16.0-6 MIGRATED to testing (Debian testing watch)
[2022-07-13] Accepted cairo 1.16.0-6 (source) into unstable (Simon McVittie)
[2021-01-30] Accepted cairo 1.16.0-4+deb10u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
[2021-01-07] cairo 1.16.0-5 MIGRATED to testing (Debian testing watch)
[2021-01-05] Accepted cairo 1.14.8-1+deb9u1 (source amd64 all) into oldstable (Utkarsh Gupta)
[2021-01-01] Accepted cairo 1.16.0-5 (source) into unstable (Simon McVittie)
[2019-03-20] cairo 1.16.0-4 MIGRATED to testing (Debian testing watch)
[2019-03-15] Accepted cairo 1.16.0-4 (source) into unstable (Simon McVittie)
[2019-03-05] cairo 1.16.0-3 MIGRATED to testing (Debian testing watch)
[2019-02-22] Accepted cairo 1.16.0-3 (source) into unstable (Sebastien Bacher)
[2018-12-26] cairo 1.16.0-2 MIGRATED to testing (Debian testing watch)
[2018-12-23] Accepted cairo 1.16.0-2 (source) into unstable (Jeremy Bicha)
[2018-10-23] cairo 1.16.0-1 MIGRATED to testing (Debian testing watch)
[2018-10-20] Accepted cairo 1.16.0-1 (source) into unstable (Jeremy Bicha)
[2018-08-26] cairo 1.15.12-1 MIGRATED to testing (Debian testing watch)
[2018-08-24] Accepted cairo 1.15.12-1 (source) into unstable (Jeremy Bicha)
[2018-04-24] cairo 1.15.10-3 MIGRATED to testing (Debian testing watch)
[2018-04-18] Accepted cairo 1.15.10-3 (source) into unstable (Emilio Pozuelo Monfort)
[2018-02-25] Accepted cairo 1.15.10-2 (source) into unstable (Jeremy Bicha)
[2018-02-08] cairo 1.15.10-1 MIGRATED to testing (Debian testing watch)
[2018-02-02] Accepted cairo 1.15.10-1 (source) into unstable (Jeremy Bicha)

1
2

bugs [bug history graph]

all: 54 56
RC: 0
I&N: 50 52
M&W: 4
F&P: 0
patch: 3

links

homepage
lintian
buildd: logs, checks, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.18.0-1
26 bugs (2 patches)

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing