Bug#916389: Bug#915801: cairo: CVE-2018-19876

Simon McVittie smcv at debian.org
Fri Mar 15 07:50:56 GMT 2019


Control: forcemerge 915801 916389

On Thu, 14 Mar 2019 at 23:15:01 +0100, Moritz Mühlenhoff wrote:
> On Thu, Dec 06, 2018 at 09:59:39PM +0100, Salvatore Bonaccorso wrote:
> > The following vulnerability was published for cairo.
> > 
> > CVE-2018-19876[0]:
> > | cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would
> > | free memory using a free function incompatible with WebKit's
> > | fastMalloc, leading to an application crash with a "free(): invalid
> > | pointer" error.
> 
> Fixed in https://gitlab.freedesktop.org/cairo/cairo/commit/90e85c2493fdfa3551f202ff10282463f1e36645

This seems to be the same thing as #916389. I don't really know the
cairo package, but the patch seems simple enough, and is consistent with
another use of FT_Done_MM_Var elsewhere in the same file. Trying an
updated package now.

    smcv



More information about the pkg-gnome-maintainers mailing list