Closed
Bug 1248805
(CVE-2016-2798)
Opened 9 years ago
Closed 9 years ago
graphite2: heap-buffer-overflow read in [@graphite2::GlyphCache::Loader::Loader]
Categories
(Core :: Graphics: Text, defect)
Core
Graphics: Text
Tracking
()
People
(Reporter: tsmith, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: csectype-bounds, sec-moderate, testcase, Whiteboard: [adv-main45+][adv-esr38.7+])
Attachments
(3 files)
This was found while fuzzing graphite2 revision a8f9210571f5339d55c7fd4524acb64ce5ca8fd8.
Reporter | ||
Comment 3•9 years ago
|
||
Comment 4•9 years ago
|
||
Fixed upstream in df41ce06dda5962b9ff1c8c3175af00005d5fc0f
Reporter | ||
Comment 5•9 years ago
|
||
Verified with df41ce06dda5962b9ff1c8c3175af00005d5fc0f
Updated•9 years ago
|
Keywords: sec-moderate
Reporter | ||
Updated•9 years ago
|
Status: NEW → RESOLVED
Closed: 9 years ago
status-firefox45:
--- → fixed
status-firefox46:
--- → fixed
status-firefox47:
--- → fixed
status-firefox-esr38:
--- → fixed
Depends on: 1252311
Resolution: --- → FIXED
Updated•9 years ago
|
Group: gfx-core-security → core-security-release
Updated•9 years ago
|
tracking-firefox-esr38:
--- → 45+
Whiteboard: [adv-main45+][adv-esr38.7+]
Updated•9 years ago
|
Alias: CVE-2016-2798
Updated•8 years ago
|
Group: core-security-release
You need to log in
before you can comment on or make changes to this bug.
Description
•