CVE-2017-11571

Priority
Description
FontForge 20161012 is vulnerable to a stack-based buffer overflow in
addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf
file.
Notes
Package
Upstream:released (1:20170731~dfsg-1, 20120731.b-5+deb8u1)
Ubuntu 18.04 LTS:not-affected (1:20170731~dfsg-1)
Ubuntu 14.04 ESM:DNE (trusty was released [20120731.b-5ubuntu0.1])
Patches:
More Information

Updated: 2022-04-13 12:52:53 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)