Debian Patches

Status for graphviz/2.42.4-2

Patch Description Author Forwarded Bugs Origin Last update
0_bindings_documentation =================================================================== no
50_remove_changelog_in remove Debian references from upstream Don't alter files under debian/ directory. Laszlo Boszormenyi (GCS) <gcs@debian.org> not-needed 2019-09-01
3_minor_fixes_to_dot_manpage Minute typesetting improvements. A missing line break, and some inconsistent
use of boldface characters.
.
Write the names of executable in boldface when
referencing to them in the section "See also".

===================================================================
Mats Erik Andersson <debian@gisladisker.se> no 2011-04-14
fix-kfreebsd-chroots =================================================================== no
kfreebsd-hang.patch no
ruby-config.diff =================================================================== no
versioned-plugin-config-file.diff =================================================================== no
gvmap.sh_bashism.patch remove bashism from gvmap.sh Laszlo Boszormenyi (GCS) <gcs@debian.org> no debian 2016-06-10
build_with_libann.patch no
update_documentation_link.patch direct link to documentation It's not in CVS anymore. Laszlo Boszormenyi (GCS) <gcs@debian.org> no debian 2019-10-06
fix_out-of-bounds_write_on_invalid_label.patch commit 784411ca3655c80da0f6025ab20634b2a6ff696b

fix: out-of-bounds write on invalid label

When the label for a node cannot be parsed (due to it being malformed), it falls
back on the symbol name of the node itself. I.e. the default label the node
would have had if it had no label attribute at all. However, this is applied by
dynamically altering the node's label to "\N", a shortcut for the symbol name of
the node. All of this is fine, however if the hand written label itself is
shorter than the literal string "\N", not enough memory would have been
allocated to write "\N" into the label text.

Here we account for the possibility of error during label parsing, and assume
that the label text may need to be overwritten with "\N" after the fact. Fixes
issue #1700.

diff --git a/lib/common/shapes.c b/lib/common/shapes.c
index 0a0635fc3..9dca9ba6e 100644
Matthew Fernandez <matthew.fernandez@gmail.com> no 2020-07-25
CVE-2023-46045.patch fix buffer overflow via a crafted config6a file Buffer Overflow vulnerability allows a remote attacker to execute arbitrary
code via a crafted config6a file.
Laszlo Boszormenyi (GCS) <gcs@debian.org> not-needed upstream upstream, https://gitlab.com/graphviz/graphviz/-/commit/5d09f70d7f6b81eb891749895c2e6b81365ac234.patch 2024-01-26
fix-implicit-function-declaration.patch Add a missing prototype for makeTetrix(). Andrey Rakhmatullin <wrar@debian.org> not-needed debian backport, https://gitlab.com/graphviz/graphviz/-/commit/be6f649995d00865e7c7d721f9b5bdb13fd715c0 2024-03-14
0001-suppress-compiler-warning-from-qsort-call.patch [PATCH] suppress compiler warning from qsort() call Matthew Fernandez <matthew.fernandez@gmail.com> no 2020-07-03

All known versions for source package 'graphviz'

Links