[ubuntu/kinetic-proposed] harfbuzz 2.7.4-1ubuntu5 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed Jul 13 17:24:14 UTC 2022 

harfbuzz (2.7.4-1ubuntu5) kinetic; urgency=medium

  * SECURITY UPDATE: DoS via integer overflow
    - debian/patches/CVE-2022-33068-1.patch: limit glyph extents in
      src/hb-ot-color-sbix-table.hh.
    - debian/patches/CVE-2022-33068-2.patch: fix conditional in
      src/hb-ot-color-sbix-table.hh.
    - CVE-2022-33068

Date: Wed, 13 Jul 2022 12:33:30 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/harfbuzz/2.7.4-1ubuntu5
-------------- next part --------------
Format: 1.8
Date: Wed, 13 Jul 2022 12:33:30 -0400
Source: harfbuzz
Built-For-Profiles: noudeb
Architecture: source
Version: 2.7.4-1ubuntu5
Distribution: kinetic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 harfbuzz (2.7.4-1ubuntu5) kinetic; urgency=medium
 .
   * SECURITY UPDATE: DoS via integer overflow
     - debian/patches/CVE-2022-33068-1.patch: limit glyph extents in
       src/hb-ot-color-sbix-table.hh.
     - debian/patches/CVE-2022-33068-2.patch: fix conditional in
       src/hb-ot-color-sbix-table.hh.
     - CVE-2022-33068
Checksums-Sha1:
 64d3be5df1793c09ca304337492dfd2ac77d8b36 2847 harfbuzz_2.7.4-1ubuntu5.dsc
 c46598f5652c813b20ed6d68f18d159dea736961 11792 harfbuzz_2.7.4-1ubuntu5.debian.tar.xz
 8b204fc05d0dbc773e93c918c73c8e535a84b6fc 10075 harfbuzz_2.7.4-1ubuntu5_source.buildinfo
Checksums-Sha256:
 736b1180e8a734232ac24ad9c244373df5b8a0d2bf32fbe60facb5a80b52ff32 2847 harfbuzz_2.7.4-1ubuntu5.dsc
 b5790de5baa96338c9ab97582ccc48a088b6318c55f7040249f3eb7493385cb5 11792 harfbuzz_2.7.4-1ubuntu5.debian.tar.xz
 b639a7e003c81e94ced958e779ad6ac3e9000b37cd8a540222eaf6e64babc902 10075 harfbuzz_2.7.4-1ubuntu5_source.buildinfo
Files:
 e1660814d857db6890faf605a70a84ce 2847 libs optional harfbuzz_2.7.4-1ubuntu5.dsc
 1274948572387abaa635faa9aa5fb59c 11792 libs optional harfbuzz_2.7.4-1ubuntu5.debian.tar.xz
 f7707696d466923ecdedef341d7145ca 10075 libs optional harfbuzz_2.7.4-1ubuntu5_source.buildinfo
Original-Maintainer: أحمد المحمودي (Ahmed El-Mahmoudy) <aelmahmoudy at users.sourceforge.net>

More information about the kinetic-changes mailing list