https://bugs.documentfoundation.org/show_bug.cgi?id=103538
Bug ID: 103538
Summary: Use OpenType Sanitiser to sanitize embedded fonts
Product: LibreOffice
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: medium
Component: graphics stack
Assignee: [email protected]
Reporter: [email protected]
LibreOffice supports embedded fonts in the documents for sometime now, and we
use and pass these fonts to font rendering libraries without any checking for
there validity. Fonts can be a security risk and malicious fonts can easily
crash the system on several platforms.
Some web browsers (Google Chrome and Mozilla Firefox) use OpenType Sanitiser to
sanitize downloadable webfonts to mitigate such risks, and I think LibreOffice
should do the same.
https://github.com/khaledhosny/ots
--
You are receiving this mail because:
You are the assignee for the bug._______________________________________________
Libreoffice-bugs mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs
