[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2040-1] harfbuzz security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : harfbuzz
Version        : 0.9.35-2+deb8u1
CVE ID         : CVE-2015-8947


An issue has been found in harfbuzz, an OpenType text shaping engine.
Due to a buffer over-read, remote attackers are able to cause a denial of service or possibly have other impact via crafted data.
For Debian 8 "Jessie", this problem has been fixed in version 0.9.35-2+deb8u1. 

We recommend that you upgrade your harfbuzz packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl35HuhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEfaZg/+PPCNmzFWJjcl+OqLENdArtezv8OB7GQ1PA8F0X9RDyV7idftbX+jlzh1
dR7nPK5+mECmrimDzX2ZadxCmBMfjITZrT9ZsH1V5leEigdi33rUBHKiQT0wlpgn
BGmLjcMwjxTqiS6YWYdWblT2gACb49cQFdT3HOEbCoDbccoOAD8lfRrOF769Dg67
G346jO8W+W21wUUgWZhvp6DqIL+K7P6zNedoyMo+HlXPNDoHPDtPHYGfkEWQZEpM
B67PUYw3wERbLQVxpp54hQK6/CbXG75YOVtCDz8jAspXTjTWTaNp7ea6V7K2Il1/
//CQFBgVbW5gEp86qkbiB7clkmsZ2uLNE+2P4tnwhTfFpZaS0Qny8L9K3KGYeaef
S3d9ZVXSlT6fNf7ZcqQMFZlFAthT+K6ciBctDf9ONLaK6BjaEqBfcnCYW73WQDBc
qAupEolbcZxYUJ+E+wHcS9LdqHNcpRxAGqnubWCJ+f7wH8x5a/vFAe0IFeDWjA1L
ksvujLlB55u+WMWQ/nFuYLJWRLaa4/Z9oycyR2c9jmKb062cpXA/2JtPuIZXH7zr
tv26YNV39/xOaM2HejCs5q9JgPOFHZMmGzhYnN5X13ObYJ2IxnOQsvQY/LT+sLFh
puW22zQiSk2hFxhyyo+hswQzcLE/lgz0E8e1+HBmqedJPnCsAPM=
=Wpo4
-----END PGP SIGNATURE-----
Reply to: