Overview

File _patchinfo of Package patchinfo.2131

<patchinfo incident="2131">
  <issue id="965810" tracker="bnc">VUL-0: CVE-2016-1526: graphite2: DoS</issue>
  <issue id="965803" tracker="bnc">VUL-0: CVE-2016-1521: graphite2: An exploitable out-of-bounds read vulnerability exists in the opcodehandling functionality of Libgr...</issue>
  <issue id="965807" tracker="bnc">VUL-0: CVE-2016-1523: graphite2: An exploitable heap-based buffer overflow exists in the context itemhandling functionality of Libgr...</issue>
  <issue id="CVE-2016-1523" tracker="cve" />
  <issue id="CVE-2016-1521" tracker="cve" />
  <issue id="CVE-2016-1526" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>pgajdos</packager>
  <description>
This update for graphite2 fixes the following issues:

- CVE-2016-1521: The directrun function in directmachine.cpp in
  Libgraphite did not validate a certain skip operation, which allowed
  remote attackers to execute arbitrary code, obtain sensitive information,
  or cause a denial of service (out-of-bounds read and application crash)
  via a crafted Graphite smart font.

- CVE-2016-1523: The SillMap::readFace function in FeatureMap.cpp in
  Libgraphite mishandled a return value, which allowed remote attackers
  to cause a denial of service (missing initialization, NULL pointer
  dereference, and application crash) via a crafted Graphite smart font.

- CVE-2016-1526: The TtfUtil:LocaLookup function in TtfUtil.cpp in
  Libgraphite incorrectly validated a size value, which allowed remote
  attackers to obtain sensitive information or cause a denial of service
  (out-of-bounds read and application crash) via a crafted Graphite
  smart font.
</description>
<summary>Security update for graphite2</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places