HomeFreeBSD
Diffusion FreeBSD ports repository rP542952

MFH: r542951
rP542952
Actions

Description

MFH: r542951

SECURITY UPDATE: Buffer overflow

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.

PR: 239563
Reported by: Miyashita Touka <imagin8r@protonmail.com>
Approved by: gnome (maintainer timeout)
Security: 456375e1-cd09-11ea-9172-4c72b94353b5
Sponsored by: Netzkommune GmbH

Approved by: ports-secteam (with hat)

Details

Provenance
joneumAuthored on
Parents
rP542951: SECURITY UPDATE: Buffer overflow
Branches
Unknown
Tags
Unknown

Changes (3)

PathSize
branches/
2020Q3/
x11-toolkits/
pango/
branches/
2020Q3/
x11-toolkits/
pango/
files/
head/
x11-toolkits/
pango/
files/

rP542952

View Options

branches/2020Q3/

Loading...
View Options

branches/2020Q3/x11-toolkits/pango/Makefile

Loading...
View Options

branches/2020Q3/x11-toolkits/pango/files/CVE-20191010238

Loading...