This is the potrace 0.14 diff, which supposedly resolves CVE-2016-8685 and CVE-2016-8686 (which was previously described as not a bug in #843861). Unfortunately, it is somewhat large... https://github.com/skyrpex/potrace/commit/b3fce824046abcc0465deb5596d4556b132c77aa -- Brian May <brian@linuxpenguins.xyz> https://linuxpenguins.xyz/brian/