@cf-buildpacks-eng cf-buildpacks-eng released this Aug 21, 2017 · 111 commits to master since this release

Assets 3

Notably, this release addresses:

USN-3398-1 Ubuntu Security Notice USN-3398-1:

  • CVE-2017-7771: Graphite2 out of bounds read [@ graphite2::Pass::readPass]
  • CVE-2017-7772: Graphite2 heap-buffer-overflow write [@ lz4::decompress]
  • CVE-2017-7773: Graphite2 heap-buffer-overflow write [@ lz4::decompress] src/Decompressor
  • CVE-2017-7774: Graphite2 out of bounds read [@ graphite2::Silf::readGraphite]
  • CVE-2017-7775: Graphite2 Assertion 'size() > n' failed
  • CVE-2017-7776: Graphite2 heap-buffer-overflow read [@ graphite2::Silf::getClassGlyph]
  • CVE-2017-7777: Graphite2 use of uninitialized memory [@ graphite2::GlyphCache::Loader:: read_glyph]
  • CVE-2017-7778: Graphite2 lz4::decompress out of bounds write
-ii  libgraphite2-3:amd64  1.3.6-1ubuntu0.14.04.1  amd64  Font rendering engine for Complex Scripts -- library
+ii  libgraphite2-3:amd64  1.3.10-0ubuntu0.14.04.1 amd64  Font rendering engine for Complex Scripts -- library