https://bugzilla.redhat.com/show_bug.cgi?id=1613550 Laura Pardo <lpardo(a)redhat.com&gt; changed: What |Removed |Added ---------------------------------------------------------------------------- Group|security, qe_staff | CC| |alexl(a)redhat.com, | |fonts-bugs(a)lists.fedoraproj | |ect.org, | |i18n-bugs(a)lists.fedoraproje | |ct.org, | |john.j5live(a)gmail.com, | |mclasen(a)redhat.com, | |rhughes(a)redhat.com, | |rstrode(a)redhat.com, | |sandmann(a)redhat.com, | |tagoh(a)redhat.com Fixed In Version| |pango 1.42.4 Summary|EMBARGOED CVE-2018-15120 |CVE-2018-15120 pango: |pango: application crash |application crash triggered |triggered by unicode chars |by unicode chars in |in pango-emoji.c |pango-emoji.c Whiteboard|impact=moderate,reported=20 |impact=moderate,public=2018 |180807,source=upstream,cvss |0820,reported=20180807,sour |3=4/CVSS:3.0/AV:L/AC:L/PR:N |ce=upstream,cvss3=4/CVSS:3. |/UI:N/S:U/C:N/I:N/A:L,cwe=C |0/AV:L/AC:L/PR:N/UI:N/S:U/C |WE-617,openshift-enterprise |:N/I:N/A:L,cwe=CWE-617,open |-3/pango=new,fedora-all/pan |shift-enterprise-3/pango=ne |go=affected,rhel-6/pango=no |w,fedora-all/pango=affected |taffected,rhel-8/pango=affe |,rhel-6/pango=notaffected,r |cted,rhel-7/pango=notaffect |hel-8/pango=affected,rhel-7 |ed,rhel-5/pango=notaffected |/pango=notaffected,rhel-5/p | |ango=notaffected --- Comment #2 from Laura Pardo <lpardo(a)redhat.com&gt; --- References: https://mail.gnome.org/archives/distributor-list/2018-August/msg00001.html Upstream patch: https://gitlab.gnome.org/GNOME/pango/commit/71aaeaf020340412b8d012fe23a55... -- You are receiving this mail because: You are on the CC list for the bug.