Overview

File _patchinfo of Package patchinfo.38691

<patchinfo incident="38691">
  <issue tracker="bnc" id="1240328">VUL-0: CVE-2025-31179: gnuplot: segmentation fault on xstrftime</issue>
  <issue tracker="bnc" id="1240327">VUL-0: CVE-2025-31178: gnuplot: segmentation fault on GetAnnotateString</issue>
  <issue tracker="bnc" id="1240330">VUL-0: CVE-2025-31181: gnuplot: segmentation fault on X11_graphics</issue>
  <issue tracker="bnc" id="1241684">VUL-0: CVE-2025-3359: gnuplot: gnuplot: Segmentation fault via IO_str_init_static_internal function</issue>
  <issue tracker="cve" id="2025-31181"/>
  <issue tracker="cve" id="2025-3359"/>
  <issue tracker="cve" id="2025-31179"/>
  <issue tracker="cve" id="2025-31178"/>
  <packager>WernerFink</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for gnuplot</summary>
  <description>This update for gnuplot fixes the following issues:

- CVE-2025-31178: unvalidated user input leads to segmentation fault on GetAnnotateString (bsc#1240327).
- CVE-2025-31179: improper verification of time values leads to segmentation fault on xstrftime (bsc#1240328).
- CVE-2025-31181: double fclose() call leads to segmentation fault on X11_graphics (bsc#1240330).
- CVE-2025-3359: out-of-bounds read when parsing font names may lead to a segmentation fault (bsc#1241684).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places