1
Candidate: CVE-2016-8697
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8697
5
https://blogs.gentoo.org/ago/2016/08/08/potrace-divide-by-zero-in-bm_new-bitmap-h/
7
The bm_new function in bitmap.h in potrace before 1.13 allows remote
8
attackers to cause a denial of service (divide-by-zero error and crash) via
12
tyhicks> inkscape in xenial and earlier embeds libpotrace (LP: #1156664)
13
mdeslaur> potrace in inkscape works on bitmaps already loaded, not
14
mdeslaur> arbitrary images. Marking as not-affected for inkscape.
17
Discovered-by: Agostino Sarubbo
21
upstream_potrace: released (1.13)
22
precise_potrace: ignored (reached end-of-life)
23
precise/esm_potrace: DNE (precise was deferred [2016-12-08])
24
trusty_potrace: needed
25
vivid/ubuntu-core_potrace: DNE
26
vivid/stable-phone-overlay_potrace: DNE
27
xenial_potrace: not-affected (1.13-2)
28
yakkety_potrace: ignored (reached end-of-life)
29
zesty_potrace: not-affected (1.13-3)
30
artful_potrace: not-affected (1.14-2)
31
bionic_potrace: not-affected (1.14-2)
32
devel_potrace: not-affected (1.14-2)
35
upstream_inkscape: needs-triage
36
precise_inkscape: ignored (reached end-of-life)
37
precise/esm_inkscape: DNE (precise was deferred [2016-12-08])
38
trusty_inkscape: not-affected (no attack vector)
39
vivid/ubuntu-core_inkscape: DNE
40
vivid/stable-phone-overlay_inkscape: DNE
41
xenial_inkscape: not-affected (no attack vector)
42
yakkety_inkscape: ignored (reached end-of-life)
43
zesty_inkscape: not-affected (uses system potrace)
44
artful_inkscape: not-affected (uses system potrace)
45
bionic_inkscape: not-affected (uses system potrace)
46
devel_inkscape: not-affected (uses system potrace)