Bug#916389: cairo CVE-2018-19876

mcatanzaro at gnome.org
Thu Dec 13 21:15:33 GMT 2018


Package: cairo
Version: 1.16

cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c frees
memory using the wrong free function, leading to memory corruption.
Because cairo is used by WebKitGTK+, this issue can be triggered by
web content. CVE-2018-19876 has been allocated by MITRE. For details, 
see:

https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5

Unfortunately, upstream has been unresponsive in that issue, so I've
worked with the Fedora maintainer to include the patch downstream:

https://src.fedoraproject.org/cgit/rpms/cairo.git/plain/0001-ft-Use-FT_Done_MM_Var-instead-of-free-when-available.patch?id=003607a96ce3a5fbb7f9b19298787f332235b2ab

Please add this patch to Debian as well. Note that Stretch is unaffected
because 1.16.0 is the first vulnerable version.

Michael
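
The bug class named in the report above (library-owned memory released with plain free()), as an added example that is not part of the original message and is not cairo or FreeType code. It assumes a library whose allocator keeps a header in front of each block; every type and function name is hypothetical.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model: every name below is hypothetical, not FreeType/cairo. */
typedef struct lib_memory {
    void  *(*alloc)(struct lib_memory *m, size_t n);
    void   (*release)(struct lib_memory *m, void *p);
    size_t live;       /* blocks currently outstanding */
    void  *last_base;  /* address malloc() actually returned last time */
} lib_memory;
typedef struct { size_t num_axis; double coords[4]; } lib_var;
typedef union { size_t size; max_align_t align; } blk_hdr;

/* Assumed allocator: a header sits in front of each block, so the pointer
 * the caller sees is not the one malloc() returned. */
static void *hdr_alloc(lib_memory *m, size_t n) {
    blk_hdr *h = malloc(sizeof *h + n);
    if (!h) return NULL;
    h->size = n;
    m->live++;
    m->last_base = h;
    return h + 1;
}

static void hdr_release(lib_memory *m, void *p) {
    if (!p) return;
    m->live--;
    free((blk_hdr *)p - 1);   /* step back to the real malloc() address */
}

/* Library API: the getter and the "done" call are a matched pair. */
lib_var *lib_get_var(lib_memory *m) {
    lib_var *v = m->alloc(m, sizeof *v);
    if (v) { memset(v, 0, sizeof *v); v->num_axis = 4; }
    return v;
}
void lib_done_var(lib_memory *m, lib_var *v) { m->release(m, v); }

/* Returns 1 when free(v) would receive an address malloc() never returned
 * (undefined behaviour); the block is then released the correct way,
 * through the library that owns it. Returns -1 on allocation failure. */
int free_mismatch_detected(lib_memory *m) {
    lib_var *v = lib_get_var(m);
    if (!v) return -1;
    int mismatch = ((void *)v != m->last_base);
    lib_done_var(m, v);
    return mismatch;
}

int main(void) { lib_memory m = { hdr_alloc, hdr_release, 0, NULL }; return free_mismatch_detected(&m) == 1 ? 0 : 1; }
```

Running a build that calls free() directly on such a pointer under AddressSanitizer or Valgrind is a practical way to catch this kind of mismatch in testing.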