~ubuntu-security/ubuntu-cve-tracker/master

PublicDateAtUSN: 2017-07-23
Candidate: CVE-2017-11571
PublicDate: 2017-07-23
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11571
 https://github.com/fontforge/fontforge/issues/3087
 http://www.ubuntu.com/usn/usn-3409-1
Description:
 FontForge 20161012 is vulnerable to a stack-based buffer overflow in
 addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf
 file.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869614
Priority: medium
Discovered-by:
Assigned-to:

Patches_fontforge:
upstream_fontforge: needed
precise/esm_fontforge: DNE
trusty_fontforge: released (20120731.b-5ubuntu0.1)
vivid/ubuntu-core_fontforge: DNE
xenial_fontforge: needed
zesty_fontforge: needed
devel_fontforge: needed