Crash in Pango <= 1.24.x

We have found a crash in the OpenType code present in some versions of

Under certain circumstances (and depending on the font being used),
a string with unusual Unicode characters can provoke a segmentation
fault and crash the process.

It has been reproduced with Pango 1.24.2, but all versions <= 1.24.x
should be vulnerable too (1.25.1 and later versions don't contain the
affected code).

There's a patch available for distributors shipping an affected Pango

Please note that the 1.24 branch is _unmaintained_ so there won't be
any future Pango release containing this fix.

Best regards,


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]