PublicDateAtUSN: 2016-02-08
Candidate: CVE-2016-1522
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1522
http://www.talosintel.com/reports/TALOS-2016-0057/
http://www.talosintel.com/reports/TALOS-2016-0060/
http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html
https://usn.ubuntu.com/usn/usn-2902-1
Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox
before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive
load calls during a size check, which allows remote attackers to cause a
denial of service (heap-based buffer overflow) or possibly execute
arbitrary code via a crafted Graphite smart font.
Discovered-by: Yves Younan
upstream: https://github.com/silnrsi/graphite/commit/4e232ad3697bd0121fd3cbfd8c3d9e2617fce1b8 (0057)
upstream: https://github.com/silnrsi/graphite/commit/a94bbf1a651b13ecfaf9a774a841d36964c25929 (0060)
upstream_graphite2: released (1.3.5-1)
precise_graphite2: ignored (reached end-of-life)
precise/esm_graphite2: DNE (precise was needs-triage)
trusty_graphite2: released (1.2.4-1ubuntu1.1)
vivid/stable-phone-overlay_graphite2: ignored (reached end-of-life)
vivid/ubuntu-core_graphite2: DNE
wily_graphite2: released (1.2.4-3ubuntu1.1)
xenial_graphite2: released (1.3.5-1ubuntu1)
yakkety_graphite2: released (1.3.5-1ubuntu1)
zesty_graphite2: released (1.3.5-1ubuntu1)
devel_graphite2: released (1.3.5-1ubuntu1)