Package: libcroco / 0.6.11-3
Patch seriesview the series file
|CVE 2017 7960 heap buffer overflow.patch | (download)||
11 9 + 2 - 0 !
input: check end of input before reading a byte When reading bytes we weren't check that the index wasn't out of bound and this could produce an invalid read which could deal to a security bug.
|CVE 2017 7961 double to long check.patch | (download)||
10 10 + 0 - 0 !
tknzr: support only max long rgb values This fixes a possible out of bound when reading rgbs which are longer than the support MAXLONG