CVE-2017-11577

Priority
Description
FontForge 20161012 is vulnerable to a buffer over-read in getsid
(parsettf.c) resulting in DoS or code execution via a crafted otf file.
Notes
Package
Upstream:released (1:20170731~dfsg-1, 20120731.b-5+deb8u1)
Ubuntu 18.04 LTS:not-affected (1:20170731~dfsg-1)
Ubuntu 14.04 ESM:DNE (trusty was released [20120731.b-5ubuntu0.1])
Patches:
More Information

Updated: 2022-04-13 12:52:55 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)