CVE-2017-11576

Priority
Description
FontForge 20161012 does not ensure a positive size in a weight vector
memcpy call in readcfftopdict (parsettf.c) resulting in DoS via a crafted
otf file.
Notes
Package
Upstream:released (1:20170731~dfsg-1, 20120731.b-5+deb8u1)
Ubuntu 18.04 LTS:not-affected (1:20170731~dfsg-1)
Ubuntu 14.04 ESM:DNE (trusty was released [20120731.b-5ubuntu0.1])
Patches:
More Information

Updated: 2022-04-13 12:52:54 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)