openSUSE-SU-2020:1003-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2020:1003-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/openSUSE-SU-2020:1003-1
- Related
- Published
- 2020-07-19T04:27:05Z
- Modified
- 2020-07-19T04:27:05Z
- Summary
- Security update for cairo
- Details
-
This update for cairo fixes the following issues:
- Fix a memory corruption in pango.
- Revert 'Correctly decode Adobe CMYK JPEGs in PDF export'.
- Add more FreeeType font color conversions to support COLR/CPAL.
- Fix crash when rendering Microsoft's Segoe UI Emoji Regular font.
- Fix memory leaks found by Coverity.
- Fix assertion failure in the freetype backend. (fdo#105746).
- Add cairo-CVE-2017-9814.patch: Replace malloc with cairomalloc and check cmap size before allocating (bsc#1049092)
This update was imported from the SUSE:SLE-15:Update update project.
- References
Affected packages
openSUSE:Leap 15.1 / cairo
Package
- Name
- cairo
- Purl
- pkg:rpm/opensuse/cairo&distro=openSUSE%20Leap%2015.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.16.0-lp151.5.3.1
Ecosystem specific
{
"binaries": [
{
"libcairo-gobject2-32bit": "1.16.0-lp151.5.3.1",
"libcairo2": "1.16.0-lp151.5.3.1",
"libcairo2-32bit": "1.16.0-lp151.5.3.1",
"cairo-tools": "1.16.0-lp151.5.3.1",
"libcairo-gobject2": "1.16.0-lp151.5.3.1",
"libcairo-script-interpreter2-32bit": "1.16.0-lp151.5.3.1",
"cairo-devel": "1.16.0-lp151.5.3.1",
"libcairo-script-interpreter2": "1.16.0-lp151.5.3.1",
"cairo-devel-32bit": "1.16.0-lp151.5.3.1"
}
]
}