Download
| Alert*
oval:org.secpod.oval:def:89002293
This update for cairo fixes the following issues: - CVE-2017-9814: out-of-bounds read in cairo-truetype-subset.c could lead to denial of service . oval:org.secpod.oval:def:89002217 This update for cairo fixes the following issues: - CVE-2016-9082: Fixed a segfault when using gt;4GB images since int values were used for pointer operations . - CVE-2017-9814: Replace malloc with _cairo_malloc and check cmap size before allocating to prevent DoS . - CVE-2017-7475: Fix a segfault i ... oval:org.secpod.oval:def:89050261 This update for cairo fixes the following issues: - Fix a memory corruption in pango. - Revert "Correctly decode Adobe CMYK JPEGs in PDF export". - Add more FreeeType font color conversions to support COLR/CPAL. - Fix crash when rendering Microsoft"s Segoe UI Emoji Regular font. - Fix memory leaks f ... oval:org.secpod.oval:def:89049723 This update for cairo fixes the following issues: The following security vulnerability was addressed: - CVE-2017-9814: Fixed and out-of-bounds read in cairo-truetype-subset.c by replacing the malloc implementation with _cairo_malloc and checking the size before memory allocation oval:org.secpod.oval:def:2000836 cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service because of mishandling of an unexpected malloc call. |