Bug#959800: potential double-free in libfontconfig due to bad backported commit

Phil Armstrong phil at kantaka.co.uk
Sun May 10 09:12:27 BST 2020

On Tue, 5 May 2020 14:20:42 +0100 Jonathan Kew <jfkthame at gmail.com> wrote:
 > Package: libfontconfig1
 > Version:|2.13.1-4|
 > One of the commits backported in 
 > to fix fontconfig memory leaks has a bug that introduces a potential 
double-free error.
 > See https://gitlab.freedesktop.org/fontconfig/fontconfig/-/issues/237 
for details, and
for a proposed
 > fix for upstream.
 > This has resulted in crash reports for Firefox when running on 
bullseye/sid installations,
 > see https://bugzilla.mozilla.org/show_bug.cgi?id=1633467.
 > I would suggest either taking the fix from the libfontconfig merge 
request 94 (above),
 > or reverting the backport of 61573ad5f7c4dd0860d613d99d0086433240eb75 
until the issue is
 > resolved upstream, as it would be better to leak than to risk a 
double-free error.

Just confirming that this bug is real - I’m seeing consistent crashes 
when attempting to visit https://hmrc.gov.uk/ in firefox. Is there any 
chance of backporting the fix mentioned above?

cheers, Phil

More information about the Pkg-freedesktop-maintainers mailing list