harfbuzz-2.7.4-10.el9
エラータID: AXSA:2024-7815:01
HarfBuzz is an implementation of the OpenType Layout engine.
Security Fix(es):
* harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks (CVE-2023-25193)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the MIRACLE LINUX 9.4 Release Notes linked from the References section.
CVE-2023-25193
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
Update packages.
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
N/A
SRPMS
- harfbuzz-2.7.4-10.el9.src.rpm
MD5: 295db021bb793bba3b188affa03812a5
SHA-256: e6ebd53a64f8784ac3c167a3457184f3091f6dfdeb844c834879a96ba41436c6
Size: 9.11 MB
Asianux Server 9 for x86_64
- harfbuzz-2.7.4-10.el9.i686.rpm
MD5: f2512dde67bcd330a851cd18b3432c05
SHA-256: f4a30efe14bdf574e3148fb4b5981f5a05a0249865d0567a9f12360c017ff669
Size: 648.66 kB - harfbuzz-2.7.4-10.el9.x86_64.rpm
MD5: edddfb6ca2734e6add2239638ef27059
SHA-256: c9d8ada803ff3de76472b00baf3912b1166d054c057f5faffb598e61e5ee62f0
Size: 623.40 kB - harfbuzz-devel-2.7.4-10.el9.i686.rpm
MD5: 536f6869390d9c65282b934f3086c4f0
SHA-256: b07017f000f20ae1ff5821c34aa5f19cfa9c00a3b75669794234092004bbd54f
Size: 307.15 kB - harfbuzz-devel-2.7.4-10.el9.x86_64.rpm
MD5: 979383be03efcaa7f8f1e23009fdcc62
SHA-256: 392b68a5a553e471a5f7effadf098377edb8bdd23d988c624affa3f751456ba4
Size: 304.70 kB - harfbuzz-icu-2.7.4-10.el9.i686.rpm
MD5: 76d1f5d62730ea0023065143b757080e
SHA-256: c1f8e37fd1f521ad561a50a8dca67bb1f8644d042aede1cc63fa97d8f391736f
Size: 12.87 kB - harfbuzz-icu-2.7.4-10.el9.x86_64.rpm
MD5: 343a788fd0dcfcbf81fea1085b9cd690
SHA-256: 4253cba80ff39e6f917fd94b6ea460dab67b63def5189dc41648f0dcb86feb13
Size: 12.66 kB