Updated transfig packages fix security vulnerabilities

fig2dev stack-overflow. CVE-2025-46397 fig2dev stack-overflow via readobjects. CVE-2025-46398 fig2dev segmentation fault vulnerability. CVE-2025-46399 fig2dev segmentation fault in readarcobject. CVE-2025-46400...

Unity Linux 20.1070e Security Update: transfig (UTSA-2025-984801)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984801 advisory. In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via readarcobject function...

Linux Distros Unpatched Vulnerability : CVE-2025-46400

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via readarcobject function...

OESA-2025-1948 transfig security update

The transfig utility creates a makefile which translates FIG created by xfig or PIC figures into a specified LaTeX graphics language for example, PostScriptTM. Transfig is used to create TeX documents which are portable i.e., they can be printed in a wide variety of environments. Security Fixes: ...

OESA-2025-1947 transfig security update

The transfig utility creates a makefile which translates FIG created by xfig or PIC figures into a specified LaTeX graphics language for example, PostScriptTM. Transfig is used to create TeX documents which are portable i.e., they can be printed in a wide variety of environments. Security Fixes: ...

Astra Linux – Vulnerability in fig2dev

In the xfig diagramming tool, a segmentation fault occurs when running fig2dev. This allows an attacker to gain control by manipulating inputs locally through the readarcobject function...

Security update for transfig

This update for transfig fixes the following issues: Update to fig2dev version 3.2.9a CVE-2025-46397: Fixed a stack buffer overflow in fig2dev in bezierspline function bsc1243260. CVE-2025-46398: Fixed a stack buffer overflow in fig2dev in readobjects function bsc1243262. CVE-2025-46399: Fixed a...

Security update for transfig

This update for transfig fixes the following issues: Update to fig2dev version 3.2.9a CVE-2025-31162: Fixed a floating point exception in fig2dev in getslope function bsc1240380. CVE-2025-31163: Fixed a segmentation fault in fig2dev in putpatternarc function bsc1240381. CVE-2025-31164: Fixed a he...

SUSE CVE-2025-46400

In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via readarcobject function...

OESA-2025-1509 transfig security update

The transfig utility creates a makefile which translates FIG created by xfig or PIC figures into a specified LaTeX graphics language for example, PostScriptTM. Transfig is used to create TeX documents which are portable i.e., they can be printed in a wide variety of environments. Security Fixes: ...

DEBIAN-CVE-2025-46400

In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via readarcobject function...

UBUNTU-CVE-2025-46400

Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via readarcobject function...

CVE-2025-46400

CVE-2025-46400 affects fig2dev (part of the transfig/xfig toolchain). A segmentation fault in read_arcobject can cause denial of service by local input manipulation, impacting availability. Documents consistently describe a segmentation fault via read_arcobject as the root cause, with multiple ad...

CVE-2025-46400 Xfig: fig2dev segmentation fault in read_arcobject

In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via readarcobject function...

CVE-2025-46400

In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via readarcobject function...