Debian Package Tracker
Register | Log in
Subscribe

leptonlib

Choose email to subscribe with

general
  • source: leptonlib (main)
  • version: 1.79.0-1
  • maintainer: Jeff Breidenbach (DMD)
  • arch: any
  • std-ver: 4.1.3
  • VCS: unknown
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 1.71-2.1
  • oldstable: 1.74.1-1
  • old-bpo: 1.76.0-1~bpo9+1
  • stable: 1.76.0-1
  • testing: 1.79.0-1
  • unstable: 1.79.0-1
versioned links
  • 1.71-2.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.74.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.76.0-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.76.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.79.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • leptonica-progs
  • liblept5
  • libleptonica-dev
action needed
Multiarch hinter reports 1 issue(s) high
There are issues with the multiarch metadata for this package.
  • libleptonica-dev conflicts on /usr/include/leptonica/endianness.h on s390x <-> amd64, arm64, armel, and 5 more
Created: 2017-03-05 Last update: 2021-01-15 21:31
lintian reports 2 warnings normal
Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.
Created: 2020-09-21 Last update: 2020-09-21 06:02
4 ignored security issues in stretch low
There are 4 open security issues in stretch.
4 issues skipped by the security teams:
  • CVE-2017-18196: Leptonica 1.74.4 constructs unintended pathnames (containing duplicated path components) when operating on files in /tmp subdirectories, which might allow local users to bypass intended file restrictions by leveraging access to a directory located deeper within the /tmp directory tree, as demonstrated by /tmp/ANY/PATH/ANY/PATH/input.tif.
  • CVE-2018-3836: An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that passes attacker data to this function to trigger this vulnerability.
  • CVE-2018-7186: Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and ptaReadStream functions.
  • CVE-2018-7442: An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially leading to path traversal and arbitrary file overwrite.
Please fix them.
Created: 2018-02-06 Last update: 2020-08-07 06:08
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.1.3).
Created: 2018-04-16 Last update: 2020-11-17 05:41
news
[rss feed]
  • [2020-01-10] leptonlib 1.79.0-1 MIGRATED to testing (Debian testing watch)
  • [2020-01-04] Accepted leptonlib 1.79.0-1 (source) into unstable (Jeff Breidenbach)
  • [2019-08-20] leptonlib 1.78.0-2 MIGRATED to testing (Debian testing watch)
  • [2019-06-24] Accepted leptonlib 1.78.0-2 (source amd64) into unstable (Jeff Breidenbach)
  • [2019-05-28] Accepted leptonlib 1.76.0-1~bpo9+1 (source amd64) into stretch-backports->backports-policy, stretch-backports (Paul Wise)
  • [2019-04-02] Accepted leptonlib 1.78.0-1 (source amd64) into unstable (Jeff Breidenbach)
  • [2018-06-07] Accepted leptonlib 1.74.1-1~bpo8+1 (source amd64) into jessie-backports->backports-policy, jessie-backports (Paul Wise)
  • [2018-05-16] leptonlib 1.76.0-1 MIGRATED to testing (Debian testing watch)
  • [2018-05-10] Accepted leptonlib 1.76.0-1 (source amd64) into unstable (Jeff Breidenbach)
  • [2018-04-29] leptonlib 1.75.3-4 MIGRATED to testing (Debian testing watch)
  • [2018-04-24] Accepted leptonlib 1.75.3-4 (source amd64) into unstable (Jeff Breidenbach)
  • [2018-03-08] leptonlib 1.75.3-3 MIGRATED to testing (Debian testing watch)
  • [2018-03-07] Accepted leptonlib 1.69-3.1+deb7u2 (source armhf) into oldoldstable (Santiago R.R.) (signed by: Santiago Ruano Rincón)
  • [2018-03-02] Accepted leptonlib 1.75.3-3 (source amd64) into unstable (Jeff Breidenbach)
  • [2018-02-22] leptonlib 1.75.3-2 MIGRATED to testing (Debian testing watch)
  • [2018-02-17] Accepted leptonlib 1.75.3-2 (source amd64) into unstable (Jeff Breidenbach)
  • [2018-02-15] Accepted leptonlib 1.75.3-1 (source amd64) into unstable (Jeff Breidenbach)
  • [2018-02-15] Accepted leptonlib 1.69-3.1+deb7u1 (source amd64) into oldoldstable (Abhijith PA) (signed by: Roberto C. Sanchez)
  • [2018-01-09] leptonlib 1.74.4-2 MIGRATED to testing (Debian testing watch)
  • [2018-01-03] Accepted leptonlib 1.74.4-2 (source amd64) into unstable (Jeff Breidenbach)
  • [2017-08-02] leptonlib 1.74.4-1 MIGRATED to testing (Debian testing watch)
  • [2017-07-28] Accepted leptonlib 1.74.4-1 (source amd64) into unstable (Jeff Breidenbach)
  • [2017-01-14] leptonlib 1.74.1-1 MIGRATED to testing (Debian testing watch)
  • [2017-01-03] Accepted leptonlib 1.74.1-1 (source amd64) into unstable (Jeff Breidenbach)
  • [2017-01-01] leptonlib 1.73-6 MIGRATED to testing (Debian testing watch)
  • [2016-12-21] Accepted leptonlib 1.73-6 (source amd64) into unstable (Jeff Breidenbach)
  • [2016-08-01] leptonlib 1.73-5 MIGRATED to testing (Debian testing watch)
  • [2016-07-26] Accepted leptonlib 1.73-5 (source amd64) into unstable (Jeff Breidenbach)
  • [2016-07-22] Accepted leptonlib 1.73-4 (source amd64) into unstable (Jeff Breidenbach)
  • [2016-07-19] Accepted leptonlib 1.73-3 (source amd64) into unstable (Jeff Breidenbach)
  • 1
  • 2
bugs [bug history graph]
  • all: 0
links
  • lintian (0, 2)
  • buildd: logs, clang, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 1.79.0-1
  • 2 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing