AVG-826 log

Package cairo
Status Fixed
Severity Critical
Type arbitrary code execution
Affected 1.16.0-1
Fixed 1.16.0-2
Current 1.18.2-2 [extra]
Ticket None
Created Sat Dec 8 22:09:06 2018
Issue Severity Remote Type Description
CVE-2018-19876 Critical Yes Arbitrary code execution
A memory-corruption issue has been found in cairo versions <= 1.16.0, in the cairo_ft_apply_variations() function in cairo-ft-font.c. This function frees...
Date Advisory Package Type
17 Feb 2019 ASA-201902-19 cairo arbitrary code execution
References
https://seclists.org/oss-sec/2018/q4/205