|
|
Log in / Subscribe / Register

harfbuzz: multiple vulnerabilities

Package(s):harfbuzz CVE #(s):CVE-2015-8947 CVE-2016-2052
Created:July 27, 2016 Updated:January 31, 2017
Description: From the CVE entries:

hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data, a different vulnerability than CVE-2016-2052. (CVE-2015-8947)

Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947. (CVE-2016-2052)

Alerts:
Ubuntu USN-3067-1 harfbuzz 2016-08-24
openSUSE openSUSE-SU-2016:2082-1 harfbuzz 2016-08-16
Gentoo 201701-76 harfbuzz 2017-01-31
Mageia MGASA-2016-0264 harfbuzz 2016-07-26
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds