gnuplot-6.0.2-3.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2025:16196 Final 1 1 2025-05-20T00:00:00Z current 2025-05-20T00:00:00Z 2025-05-20T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z gnuplot-6.0.2-3.1 on GA media These are all security issues fixed in the gnuplot-6.0.2-3.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2025-16196 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2025-31176/ SUSE CVE CVE-2025-31176 page https://www.suse.com/security/cve/CVE-2025-31177/ SUSE CVE CVE-2025-31177 page https://www.suse.com/security/cve/CVE-2025-31178/ SUSE CVE CVE-2025-31178 page https://www.suse.com/security/cve/CVE-2025-31179/ SUSE CVE CVE-2025-31179 page https://www.suse.com/security/cve/CVE-2025-31180/ SUSE CVE CVE-2025-31180 page https://www.suse.com/security/cve/CVE-2025-31181/ SUSE CVE CVE-2025-31181 page https://www.suse.com/security/cve/CVE-2025-3359/ SUSE CVE CVE-2025-3359 page openSUSE Tumbleweed gnuplot-6.0.2-3.1 gnuplot-6.0.2-3.1 as a component of openSUSE Tumbleweed A flaw was found in gnuplot. The plot3d_points() function may lead to a segmentation fault and cause a system crash. CVE-2025-31176 openSUSE Tumbleweed:gnuplot-6.0.2-3.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-31176.html CVE-2025-31176 https://bugzilla.suse.com/1240325 SUSE Bug 1240325 gnuplot is affected by a heap buffer overflow at function utf8_copy_one. CVE-2025-31177 openSUSE Tumbleweed:gnuplot-6.0.2-3.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-31177.html CVE-2025-31177 https://bugzilla.suse.com/1240326 SUSE Bug 1240326 A flaw was found in gnuplot. The GetAnnotateString() function may lead to a segmentation fault and cause a system crash. CVE-2025-31178 openSUSE Tumbleweed:gnuplot-6.0.2-3.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-31178.html CVE-2025-31178 https://bugzilla.suse.com/1240327 SUSE Bug 1240327 A flaw was found in gnuplot. The xstrftime() function may lead to a segmentation fault, causing a system crash. CVE-2025-31179 openSUSE Tumbleweed:gnuplot-6.0.2-3.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-31179.html CVE-2025-31179 https://bugzilla.suse.com/1240328 SUSE Bug 1240328 A flaw was found in gnuplot. The CANVAS_text() function may lead to a segmentation fault and cause a system crash. CVE-2025-31180 openSUSE Tumbleweed:gnuplot-6.0.2-3.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-31180.html CVE-2025-31180 https://bugzilla.suse.com/1240329 SUSE Bug 1240329 A flaw was found in gnuplot. The X11_graphics() function may lead to a segmentation fault and cause a system crash. CVE-2025-31181 openSUSE Tumbleweed:gnuplot-6.0.2-3.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-31181.html CVE-2025-31181 https://bugzilla.suse.com/1240330 SUSE Bug 1240330 A flaw was found in GNUPlot. A segmentation fault via IO_str_init_static_internal may jeopardize the environment. CVE-2025-3359 openSUSE Tumbleweed:gnuplot-6.0.2-3.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-3359.html CVE-2025-3359 https://bugzilla.suse.com/1241684 SUSE Bug 1241684