All errata/sisyphus/ALT-PU-2015-2858-1
ALT-PU-2015-2858-1

Package update libharfbuzz in branch sisyphus

Version1.0.4-alt1
Task#150697
Published2015-10-03
Max severityMEDIUM
Severity:

Closed issues (1)

CVE-2015-9274
MEDIUM6.5

HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh.

Published: 2018-11-15Modified: 2024-11-21
CVSS 2.0MEDIUM 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS 3.xMEDIUM 6.5
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References