36bdaa2e5d
Fixes: CVE-2016-1521 - An exploitable out-of-bounds read vulnerability exists in the opcode handling functionality of Libgraphite. A specially crafted font can cause an out-of-bounds read resulting in arbitrary code execution. An attacker can provide a malicious font to trigger this vulnerability. CVE-2016-1522 - An exploitable NULL pointer dereference exists in the bidirectional font handling functionality of Libgraphite. A specially crafted font can cause a NULL pointer dereference resulting in a crash. An attacker can provide a malicious font to trigger this vulnerability. CVE-2016-1523 - An exploitable heap-based buffer overflow exists in the context item handling functionality of Libgraphite. A specially crafted font can cause a buffer overflow resulting in potential code execution. An attacker can provide a malicious font to trigger this vulnerability. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
4 lines
190 B
Plaintext
4 lines
190 B
Plaintext
# From http://sourceforge.net/projects/silgraphite/files/graphite2
|
|
md5 5b8d22a8bbf031838e31432868c0109c graphite2-1.3.5.tgz
|
|
sha1 044f65d5b4ade3169f5fcd75a25f047c81f5d33e graphite2-1.3.5.tgz
|