It was discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.3.6-1ubuntu0.14.04.1", "binary_name": "libgraphite2-3" }, { "binary_version": "1.3.6-1ubuntu0.14.04.1", "binary_name": "libgraphite2-3-dbg" }, { "binary_version": "1.3.6-1ubuntu0.14.04.1", "binary_name": "libgraphite2-3-dbgsym" }, { "binary_version": "1.3.6-1ubuntu0.14.04.1", "binary_name": "libgraphite2-dev" }, { "binary_version": "1.3.6-1ubuntu0.14.04.1", "binary_name": "libgraphite2-dev-dbgsym" }, { "binary_version": "1.3.6-1ubuntu0.14.04.1", "binary_name": "libgraphite2-doc" } ] }