Gentoo Linux Security Advisory 201701-63 - Multiple vulnerabilities have been found in Graphite, the worst of which could lead to the remote execution of arbitrary code. Versions less than 1.3.7 are affected.
757f34c27a3b3147e33cf6b8228d59efe5f86a09ecd02431cd1f5343997a83f3
Gentoo Linux Security Advisory 201701-35 - Multiple vulnerabilities have been found in Mozilla SeaMonkey, the worst of which could lead to the remote execution of arbitrary code. Versions less than 2.46-r1 are affected.
edb4103926996cc60bdbdba4e04c9d073a6b3369fcdbbd4d3088d21fac388142
Red Hat Security Advisory 2016-0594-01 - Graphite2 is a project within SIL's Non-Roman Script Initiative and Language Software Development groups to provide rendering capabilities for complex non-Roman writing systems. Graphite can be used to create "smart fonts" capable of displaying writing systems with various complex behaviors. With respect to the Text Encoding Model, Graphite handles the "Rendering" aspect of writing system implementation. The following packages have been upgraded to a newer upstream version: graphite2.
8245e814f0ff3ac5cb5d50adb975b1e87e9aa2734b464dc080a69a685a6503bf
Ubuntu Security Notice 2902-1 - Yves Younan discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.
4ecb16d84a83cc63b11ddbf287df3bdab9b45a54ffb4113420c9511004c21441
Debian Linux Security Advisory 3479-1 - Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if a malformed font file is processed.
d0e73d830bd0e10c507af71634a239a6ec899c968bbef3b77e0a766de4cc3467
Red Hat Security Advisory 2016-0197-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. All Firefox users should upgrade to these updated packages, which contain Firefox version 38.6.1 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
936e217edeec064168d70fd655575a6acf9b4b927ff160b116e6463eddbf5ad3