Nixpkgs security tracker

Permalink CVE-2015-7508

created 2 months ago Activity log

Created suggestion 2 months ago

Heap-based buffer overflow in the bmp_decode_rle function in libnsbmp.c in …

Heap-based buffer overflow in the bmp_decode_rle function in libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the last row of RLE data in a crafted BMP file.

References

http://www.securityfocus.com/archive/1/archive/1/537132/100/0/threaded x_transferredx_refsource_MISC
http://seclists.org/fulldisclosure/2015/Dec/73 x_transferredx_refsource_MISC

Affected products

Libnsbmp

==0.1.2

Matching in nixpkgs

pkgs.libnsbmp

BMP Decoder for netsurf browser

nixos-unstable 0.1.7
- nixpkgs-unstable 0.1.7
- nixos-unstable-small 0.1.7
nixos-25.11 0.1.7
- nixos-25.11-small 0.1.7
- nixpkgs-25.11-darwin 0.1.7

pkgs.netsurf.libnsbmp

BMP Decoder for netsurf browser

Package maintainers

@fgaz Francesco Gazzetta <fgaz@fgaz.me>

Permalink CVE-2015-7507

created 2 months ago Activity log

Created suggestion 2 months ago

libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a …

libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function.

References

http://www.securityfocus.com/archive/1/archive/1/537132/100/0/threaded x_transferredx_refsource_MISC
http://seclists.org/fulldisclosure/2015/Dec/73 x_transferredx_refsource_MISC

Affected products

Libnsbmp

==0.1.2

Matching in nixpkgs

pkgs.libnsbmp

BMP Decoder for netsurf browser

nixos-unstable 0.1.7
- nixpkgs-unstable 0.1.7
- nixos-unstable-small 0.1.7
nixos-25.11 0.1.7
- nixos-25.11-small 0.1.7
- nixpkgs-25.11-darwin 0.1.7

pkgs.netsurf.libnsbmp

BMP Decoder for netsurf browser

Package maintainers

@fgaz Francesco Gazzetta <fgaz@fgaz.me>

Permalink CVE-2012-0842

created 2 months ago Activity log

Created suggestion 2 months ago

surf: cookie jar has read access from other local user

References

https://security-tracker.debian.org/tracker/CVE-2012-0842 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0842 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-0842 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/02/10/8 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/02/11/3 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/02/10/2 x_transferredx_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/02/10/9 x_transferredx_refsource_MISC

Affected products

surf

==Fixed in 0.6

Matching in nixpkgs

pkgs.surf

Simple web browser based on WebKitGTK

pkgs.glsurf

Program to draw implicit surfaces and curves

nixos-unstable 3.3.1
- nixpkgs-unstable 3.3.1
- nixos-unstable-small 3.3.1
nixos-25.11 3.3.1
- nixos-25.11-small 3.3.1
- nixpkgs-25.11-darwin 3.3.1

pkgs.surfer

Extensible and Snappy Waveform Viewer

nixos-unstable 0.6.0
- nixpkgs-unstable 0.6.0
- nixos-unstable-small 0.6.0
nixos-25.11 0.4.0
- nixos-25.11-small 0.4.0
- nixpkgs-25.11-darwin 0.4.0

pkgs.surfraw

Provides a fast unix command line interface to a variety of popular WWW search engines and other artifacts of power

nixos-unstable 2.3.0
- nixpkgs-unstable 2.3.0
- nixos-unstable-small 2.3.0
nixos-25.11 2.3.0
- nixos-25.11-small 2.3.0
- nixpkgs-25.11-darwin 2.3.0

pkgs.websurfx

Open source alternative to searx

nixos-unstable 1.24.47
- nixpkgs-unstable 1.24.47
- nixos-unstable-small 1.24.47
nixos-25.11 1.24.22
- nixos-25.11-small 1.24.22
- nixpkgs-25.11-darwin 1.24.22

pkgs.windsurf

Agentic IDE powered by AI Flow paradigm

nixos-unstable 1.9544.35
- nixpkgs-unstable 1.9544.35
- nixos-unstable-small 1.9552.21
nixos-25.11 1.12.35
- nixos-25.11-small 1.12.35
- nixpkgs-25.11-darwin 1.12.35

pkgs.subsurface

Divelog program

nixos-unstable 6.0.5504
- nixpkgs-unstable 6.0.5504
- nixos-unstable-small 6.0.5504
nixos-25.11 6.0.5436
- nixos-25.11-small 6.0.5436
- nixpkgs-25.11-darwin 6.0.5436

pkgs.surf-display

Kiosk browser session manager based on the surf browser

pkgs.netsurf.libcss

Cascading Style Sheets library for netsurf browser

pkgs.netsurf.libdom

Document Object Model library for netsurf browser

pkgs.netsurf-browser

Free, open source, small web browser

nixos-unstable 3.11
- nixpkgs-unstable 3.11
- nixos-unstable-small 3.11
nixos-25.11 3.11
- nixos-25.11-small 3.11
- nixpkgs-25.11-darwin 3.11

pkgs.netsurf.libnsfb

Netsurf framebuffer abstraction library

pkgs.surface-control

Control various aspects of Microsoft Surface devices on Linux from the Command-Line

nixos-unstable 0.4.12-1
- nixpkgs-unstable 0.4.12-1
- nixos-unstable-small 0.4.12-1
nixos-25.11 0.4.9-1
- nixos-25.11-small 0.4.9-1
- nixpkgs-25.11-darwin 0.4.9-1

pkgs.libwacom-surface

Libraries, configuration, and diagnostic tools for Wacom tablets running under Linux

nixos-unstable 2.18.0
- nixpkgs-unstable 2.18.0
- nixos-unstable-small 2.18.0
nixos-25.11 2.16.1
- nixos-25.11-small 2.16.1
- nixpkgs-25.11-darwin 2.16.1

pkgs.netsurf.libnsbmp

BMP Decoder for netsurf browser

pkgs.netsurf.libnsgif

GIF Decoder for netsurf browser

pkgs.netsurf.libnslog

NetSurf Parametric Logging Library

pkgs.netsurf.libnspsl

NetSurf Public Suffix List - Handling library

pkgs.netsurf.libhubbub

HTML5 parser library for netsurf browser

pkgs.netsurf.nsgenbind

Generator for JavaScript bindings for netsurf browser

pkgs.netsurf.libnsutils

Generalised utility library for netsurf browser

pkgs.netsurf.libsvgtiny

NetSurf SVG decoder

pkgs.netsurf-buildsystem

NetSurf browser shared build system

nixos-unstable 1.10
- nixpkgs-unstable 1.10
- nixos-unstable-small 1.10
nixos-25.11 1.10
- nixos-25.11-small 1.10
- nixpkgs-25.11-darwin 1.10

pkgs.netsurf.buildsystem

NetSurf browser shared build system

pkgs.netsurf.libutf8proc

UTF8 Processing library for netsurf browser

pkgs.netsurf.libwapcaplet

String internment library for netsurf browser

pkgs.netsurf.libparserutils

Parser building library for netsurf browser

pkgs.prometheus-surfboard-exporter

Arris Surfboard signal metrics exporter

nixos-unstable 2.0.0
- nixpkgs-unstable 2.0.0
- nixos-unstable-small 2.0.0
nixos-25.11 2.0.0
- nixos-25.11-small 2.0.0
- nixpkgs-25.11-darwin 2.0.0

pkgs.python312Packages.isosurfaces

Construct isolines/isosurfaces of a 2D/3D scalar field defined by a function

nixos-25.11 0.1.2
- nixos-25.11-small 0.1.2
- nixpkgs-25.11-darwin 0.1.2

pkgs.python313Packages.isosurfaces

Construct isolines/isosurfaces of a 2D/3D scalar field defined by a function

nixos-unstable 0.1.2
- nixpkgs-unstable 0.1.2
- nixos-unstable-small 0.1.2
nixos-25.11 0.1.2
- nixos-25.11-small 0.1.2
- nixpkgs-25.11-darwin 0.1.2

pkgs.python314Packages.isosurfaces

Construct isolines/isosurfaces of a 2D/3D scalar field defined by a function

nixos-unstable 0.1.2
- nixpkgs-unstable 0.1.2
- nixos-unstable-small 0.1.2

pkgs.vimPlugins.syntax-tree-surfer

None

pkgs.python312Packages.flask-seasurf

Flask extension for preventing cross-site request forgery

nixos-25.11 2.0.0
- nixos-25.11-small 2.0.0
- nixpkgs-25.11-darwin 2.0.0

pkgs.python313Packages.flask-seasurf

Flask extension for preventing cross-site request forgery

nixos-unstable 2.0.0
- nixpkgs-unstable 2.0.0
- nixos-unstable-small 2.0.0
nixos-25.11 2.0.0
- nixos-25.11-small 2.0.0
- nixpkgs-25.11-darwin 2.0.0

pkgs.python314Packages.flask-seasurf

Flask extension for preventing cross-site request forgery

nixos-unstable 2.0.0
- nixpkgs-unstable 2.0.0
- nixos-unstable-small 2.0.0

pkgs.haskellPackages.gpu-vulkan-khr-surface

VK_KHR_surface extension of the Vulkan API

nixos-unstable 0.1.0.0
- nixpkgs-unstable 0.1.0.0
- nixos-unstable-small 0.1.0.0
nixos-25.11 0.1.0.0
- nixos-25.11-small 0.1.0.0
- nixpkgs-25.11-darwin 0.1.0.0

pkgs.tree-sitter-grammars.tree-sitter-surface

None

nixos-unstable 0.2.0
- nixpkgs-unstable 0.2.0
- nixos-unstable-small 0.2.0
nixos-25.11 0.25.10
- nixos-25.11-small 0.25.10
- nixpkgs-25.11-darwin 0.25.10

pkgs.vimPlugins.nvim-treesitter-parsers.surface

None

nixos-unstable 0.0.0+rev=f4586b3
- nixpkgs-unstable 0.0.0+rev=f4586b3
- nixos-unstable-small 0.0.0+rev=f4586b3
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

pkgs.haskellPackages.gpu-vulkan-core-khr-surface

Thin wrapper for VK_KHR_surface extension of the Vulkan API

nixos-unstable 0.1.0.0
- nixpkgs-unstable 0.1.0.0
- nixos-unstable-small 0.1.0.0
nixos-25.11 0.1.0.0
- nixos-25.11-small 0.1.0.0
- nixpkgs-25.11-darwin 0.1.0.0

pkgs.haskellPackages.gpu-vulkan-khr-surface-glfw

GLFW surface for Vulkan

nixos-unstable 0.1.0.0
- nixpkgs-unstable 0.1.0.0
- nixos-unstable-small 0.1.0.0
nixos-25.11 0.1.0.0
- nixos-25.11-small 0.1.0.0
- nixpkgs-25.11-darwin 0.1.0.0

pkgs.haskellPackages.gpu-vulkan-middle-khr-surface

medium wrapper for VK_KHR_surface extension of the Vulkan API

nixos-unstable 0.1.0.0
- nixpkgs-unstable 0.1.0.0
- nixos-unstable-small 0.1.0.0
nixos-25.11 0.1.0.0
- nixos-25.11-small 0.1.0.0
- nixpkgs-25.11-darwin 0.1.0.0

pkgs.haskellPackages.gpu-vulkan-middle-khr-surface-glfw

medium wrapper for GLFW surface for the Vulkan API

nixos-unstable 0.1.0.1
- nixpkgs-unstable 0.1.0.1
- nixos-unstable-small 0.1.0.1
nixos-25.11 0.1.0.1
- nixos-25.11-small 0.1.0.1
- nixpkgs-25.11-darwin 0.1.0.1