ALT-PU-2018-2169-1
Package libgraphite2 updated to version 1.3.12-alt1 for branch sisyphus in task 211568.
Closed vulnerabilities
Published: 2018-03-09
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-7999
In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ttf file.
Severity: HIGH (8.8)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
- https://github.com/silnrsi/graphite/commit/db132b4731a9b4c9534144ba3a18e65b390e9ff6
- https://github.com/silnrsi/graphite/commit/db132b4731a9b4c9534144ba3a18e65b390e9ff6
- https://github.com/silnrsi/graphite/issues/22
- https://github.com/silnrsi/graphite/issues/22
- FEDORA-2019-d0b1feb995
- FEDORA-2019-d0b1feb995
- FEDORA-2019-644ef7ebec
- FEDORA-2019-644ef7ebec