Mandriva Linux Security Advisory 2015-187 - Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vector, which are not properly handled in an error string. Additionally the gtkglarea2 and gtkglext packages were missing and was required for graphviz to build, these packages are also being provided with this advisory.
94dd81e7f7093f530045667750dd5276b5b1945c8f0a3623466b7d64491119dc
Mandriva Linux Security Advisory 2014-248 - Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vector, which are not properly handled in an error string.
87aabea0b65c9aaa124ec95d557113deb52f6d9692681c574a524366affbe9f4
Debian Linux Security Advisory 3098-1 - Joshua Rogers discovered a format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz, a rich set of graph drawing tools. An attacker could use this flaw to cause graphviz to crash or possibly execute arbitrary code.
68bf61fc172f38d647343e482b1c4138112d7b7712b206f79b2462e2dd8eadfb
Ubuntu Security Notice 2435-1 - It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code.
5932c92cbfbc9eeade2de417beb3caef257a0e59dd0e0e9600dca6d53ee4b85d