Description
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in
Google Chrome before 48.0.2564.82, allow attackers to cause a denial of
service or possibly have other impact via crafted data, as demonstrated by
a buffer over-read resulting from an inverted length check in
hb-ot-font.cc, a different issue than CVE-2015-8947.
Package
Upstream: | released
(48.0.2564.82)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
(precise was ignored)
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was released [48.0.2564.116-0ubuntu0.14.04.1.1111])
|
Ubuntu 16.04 LTS (Xenial Xerus): | released
(48.0.2564.82-0ubuntu1.1222)
|
Package
Priority: Low
Upstream: | released
(1.0.6)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | not-affected
(code not present)
|
Ubuntu 16.04 LTS (Xenial Xerus): | released
(1.0.1-1ubuntu0.1)
|
Patches:
Package
Upstream: | released
(1.12.5)
|
Ubuntu 12.04 ESM (Precise Pangolin): | DNE
|
Ubuntu 14.04 ESM (Trusty Tahr): | DNE
(trusty was released [1.12.5-0ubuntu0.14.04.1])
|
Ubuntu 16.04 LTS (Xenial Xerus): | released
(1.12.5-0ubuntu1)
|
Updated: 2019-12-05 18:44:23 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)