read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf. Reference: https://sourceforge.net/p/mcj/tickets/55/
Created transfig tracking bugs for this issue: Affects: fedora-all [bug 1800632]
Patch: https://sourceforge.net/p/mcj/fig2dev/ci/19db5fe6f77ebad91af4b4ef0defd61bd0bb358f/