https://bugzilla.redhat.com/show_bug.cgi?id=1763609
--- Comment #8 from Marco Benatto <[email protected]> --- The freetype library is able to handle PostScript created fonts, however there's an issue when handling PostScript balanced expressions. On ps_parser_skip_PS_token() a lack of proper validation may lead the reading cursor holding the current position being processed to go beyond the end of the text content. This further causes an out of bounds read o skip_comment() function. An attacker may leverage this bug by creating a crafted input file causing low confidentiality impact as unexpected data may be exposed as a result of the over-read. -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ fonts-bugs mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
