Package "harfbuzz"

Name:	harfbuzz
Description:	This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group: OpenType text shaping engine (GObject introspection data) Development files for OpenType text shaping engine Documentation files for the HarfBuzz library OpenType text shaping engine ICU backend (GObject library)
Latest version:	2.6.4-1ubuntu4.2
Release:	focal (20.04)
Level:	updates
Repository:	main

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Other versions of "harfbuzz" in Focal

Repository	Area	Version
base	main	2.6.4-1ubuntu4
base	universe	2.6.4-1ubuntu4
security	main	2.6.4-1ubuntu4.2
security	universe	2.6.4-1ubuntu4.2
updates	universe	2.6.4-1ubuntu4.2

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 2.6.4-1ubuntu4.2 2022-07-19 15:06:21 UTC

harfbuzz (2.6.4-1ubuntu4.2) focal-security; urgency=medium * SECURITY UPDATE: DoS via integer overflow - debian/patches/CVE-2022-33068-1.patch: limit glyph extents in src/hb-ot-color-sbix-table.hh. - debian/patches/CVE-2022-33068-2.patch: fix conditional in src/hb-ot-color-sbix-table.hh. - CVE-2022-33068 * debian/rules: increase fuzzer timeouts to fix FTBFS on riscv64. -- Marc Deslauriers <email address hidden> Wed, 13 Jul 2022 12:43:13 -0400

CVE-2022-33068

An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified v

About - Send Feedback to @ubuntu_updates

Package "harfbuzz"

Links

Other versions of "harfbuzz" in Focal

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

proposed

PPA updates