Overview

File _patchinfo of Package patchinfo.15473

<patchinfo incident="15473">
  <issue tracker="cve" id="2017-9814"/>
  <issue tracker="bnc" id="1049092">VUL-1: CVE-2017-9814: cairo: cairo-truetype-subset.c in cairo 1.15.6 and earlier out-of-bounds read</issue>
  <packager>mwilck</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for cairo</summary>
  <description>This update for cairo fixes the following issues:

- Fix a memory corruption in pango.
- Revert "Correctly decode Adobe CMYK JPEGs in PDF export".
- Add more FreeeType font color conversions to support COLR/CPAL.
- Fix crash when rendering Microsoft's Segoe UI Emoji Regular font.
- Fix memory leaks found by Coverity.
- Fix assertion failure in the freetype backend. (fdo#105746).
- Add cairo-CVE-2017-9814.patch: Replace malloc with _cairo_malloc and check cmap size before allocating (bsc#1049092)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places