From 630223e119333887e2be5d6976b7c73ce4c21cacd6352cb1ba300ae71243bf24 Mon Sep 17 00:00:00 2001 From: "Dr. Werner Fink" Date: Tue, 14 Sep 2021 09:39:26 +0000 Subject: [PATCH 1/2] Missed CVE numbers OBS-URL: https://build.opensuse.org/package/show/Publishing/transfig?expand=0&rev=79 --- transfig.changes | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/transfig.changes b/transfig.changes index 871f8ca..0ecd7bf 100644 --- a/transfig.changes +++ b/transfig.changes @@ -61,6 +61,14 @@ Fri Feb 12 09:50:30 UTC 2021 - Dr. Werner Fink bsc#1159130 - CVE-2019-19746: transfig,xfig: segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type + bsc#1189343 - CVE-2020-21680: transfig: A stack-based buffer overflow in the + put_arrow() component in genpict2e.c + bsc#1189345 - CVE-2020-21681: transfig: A global buffer overflow in the + set_color component in genge.c + bsc#1189325 - CVE-2020-21683: transfig: A global buffer overflow in the + shade_or_tint_name_after_declare_color in genpstricks.c + bsc#1189346 - CVE-2020-21682: transfig: A global buffer overflow in the + set_fill component in genge.c and many more - Port and rename patch transfig-3.2.6.dif which is now transfig-3.2.8.dif - Remove patches now obsolete From 78f11b810e189be4e3593ac257c5c252f907ff513c6237753cf6464e391c7022 Mon Sep 17 00:00:00 2001 From: "Dr. Werner Fink" Date: Mon, 20 Sep 2021 12:59:00 +0000 Subject: [PATCH 2/2] transfig-fix-of-e0c4b024.patch OBS-URL: https://build.opensuse.org/package/show/Publishing/transfig?expand=0&rev=80 --- transfig.changes | 1 + 1 file changed, 1 insertion(+) diff --git a/transfig.changes b/transfig.changes index 0ecd7bf..81d40c7 100644 --- a/transfig.changes +++ b/transfig.changes 
@@ -188,6 +188,7 @@ Tue Oct 29 11:07:12 UTC 2019 - Dr. Werner Fink * fig2dev-3.2.6a-man-typo.patch * transfig-03ea4578.patch * transfig-e0c4b024.patch + * transfig-fix-of-e0c4b024.patch - Port patches to new version * transfig-3.2.6.dif * transfig-fix-afl.patch
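Review bot: In the first hunk (the Fri Feb 12 09:50:30 UTC 2021 entry), the four added references are out of numeric order: CVE-2020-21683 (bsc#1189325) is listed before CVE-2020-21682 (bsc#1189346). Swapping the last two keeps the two genge.c entries (set_color, set_fill) adjacent and makes the list easier to check against the bug tracker. The function names are also written inconsistently, put_arrow() with parentheses but set_color, set_fill and shade_or_tint_name_after_declare_color without; pick one form for all four entries.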
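Review bot: In the second hunk (the Tue Oct 29 11:07:12 UTC 2019 entry), the commit message is only the patch file name, so it does not say why transfig-fix-of-e0c4b024.patch is being added to a list in an entry from 2019. The heading of that list lies above the visible context, and the diffstat shows transfig.changes as the only file touched. Please state in the message what happened to this patch in that update and whether the spec file already reflects it, so the changelog correction can be verified.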