| Release | Version |
|---|---|
| jessie | 0.9.35-2+deb8u1 |
| stretch | 1.4.2-1 |
| buster | 2.3.1-1 |
| bullseye | 2.7.4-1 |
| bookworm | 6.0.0+dfsg-3 |
| trixie | 10.0.1-1 |
| sid | 10.0.1-1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-25193 | fixed | fixed | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to ... |
| CVE-2022-33068 | fixed | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | An integer overflow in the component hb-ot-shape-fallback.cc of Harfbu ... |
| Bug | Description |
|---|---|
| CVE-2022-33069 | Ethereum Solidity v0.8.14 contains an assertion failure via SMTEncoder ... |
| CVE-2021-45931 | HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t:: ... |
| CVE-2016-2052 | Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used ... |
| CVE-2015-9274 | HarfBuzz before 1.0.4 allows remote attackers to cause a denial of ser ... |
| CVE-2015-8947 | hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote atta ... |
| DSA / DLA | Description |
|---|---|
| DLA-2040-1 | harfbuzz - security update |