-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2017-8683c5e591 2017-08-31 13:59:49.882416 --------------------------------------------------------------------------------
Name : potrace Product : Fedora EPEL 7 Version : 1.15 Release : 1.el7 URL : http://potrace.sourceforge.net Summary : Transform bitmaps into vector graphics Description : Potrace is a utility for tracing a bitmap, which means, transforming a bitmap into a smooth, scalable image. The input is a bitmap (PBM, PGM, PPM, or BMP format), and the default output is an encapsulated PostScript file (EPS). A typical use is to create EPS files from scanned data, such as company or university logos, handwritten notes, etc. The resulting image is not "jaggy" like a bitmap, but smooth. It can then be rendered at any resolution.
Potrace can currently produce the following output formats: EPS, PostScript, PDF, SVG (scalable vector graphics), Xfig, Gimppath, and PGM (for easy antialiasing). Additional backends might be added in the future.
Mkbitmap is a program distributed with Potrace which can be used to pre-process the input for better tracing behavior on greyscale and color images.
-------------------------------------------------------------------------------- Update Information:
This release consists of bugfixes and minor portability improvements. Some potential buffer overflows and arithmetic overflows were fixed, including CVE-2017-12067. A bug triggered by very large bitmaps has been fixed. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1477104 - CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477104 [ 2 ] Bug #1385513 - CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1385513 [ 3 ] Bug #1477105 - CVE-2017-12067 potrace: heap-based buffer over-read in the interpolate_cubic function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477105 [ 4 ] Bug #1385512 - CVE-2016-8685 CVE-2016-8686 CVE-2016-8694 CVE-2016-8695 CVE-2016-8696 CVE-2016-8697 CVE-2016-8698 CVE-2016-8699 CVE-2016-8700 CVE-2016-8701 CVE-2016-8702 CVE-2016-8703 CVE-2017-7263 potrace: Multiple security issues [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1385512 --------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use su -c 'yum update potrace' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
epel-package-announce@lists.fedoraproject.org