Описание
In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libass | fixed | 1:0.15.0-1 | package | |
| libass | no-dsa | buster | package | |
| libass | not-affected | stretch | package |
Примечания
https://github.com/libass/libass/issues/431
https://github.com/libass/libass/pull/432
Связанные уязвимости
CVSS3: 8.8
ubuntu
больше 5 лет назад
In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow.
CVSS3: 8.8
nvd
больше 5 лет назад
In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow.
CVSS3: 8.8
github
больше 3 лет назад
In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow.