Gentoo Linux Security Advisory 201710-13 - Multiple vulnerabilities have been found in Graphite, the worst of which could lead to the remote execution of arbitrary code. Versions less than 1.3.10 are affected.
1fc515997811b48f7dcb764101edd9caa941f703833a6e6b6e19790194606b3c
Ubuntu Security Notice 3398-1 - Holger Fuhrmannek and Tyson Smith discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.
5171bb449a2c30960b248aece49de8e4622c8d0b6b55a34c13fb9f1067da82e7
Red Hat Security Advisory 2017-1793-01 - Graphite2 is a project within SIL's Non-Roman Script Initiative and Language Software Development groups to provide rendering capabilities for complex non-Roman writing systems. Graphite can be used to create "smart fonts" capable of displaying writing systems with various complex behaviors. With respect to the Text Encoding Model, Graphite handles the "Rendering" aspect of writing system implementation. The following packages have been upgraded to a newer upstream version: graphite2. Multiple security issues have been addressed.
736af5abc072c79d5f321c80bfb71391a4b91c50e5670e5d50a8172ca59aa559
Ubuntu Security Notice 3321-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information or execute arbitrary code. Multiple security issues were discovered in the Graphite 2 library used by Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, or execute arbitrary code. Various other issues were also addressed.
57e348bea760c2cb4327bbd86d89e9a4d71e13691e4cb0cb59f1f2020a33eef1
Red Hat Security Advisory 2017-1561-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.2.0. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
502ad26d007c53fa4eb41c7d2c2e6e3149dbaeb0df72f833d10b786f83e62751
Debian Linux Security Advisory 3881-1 - Several security issues have been found in the Mozilla Firefox web and other implementation errors may lead to the execution of arbitrary code, denial of service or domain spoofing.
112422a70957456e9a0f819bd20d78994f90e7c026cb6c4655c32d62302d5b07
Ubuntu Security Notice 3315-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, spoof the addressbar contents, or execute arbitrary code. Multiple security issues were discovered in the Graphite 2 library used by Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, or execute arbitrary code. Various other issues were also addressed.
7eb0864d83a8a74066d8c82ffa503c1e09d4fbdfca74fda567aa1c836240f8c7
Red Hat Security Advisory 2017-1440-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.2.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
26d6c36e4053e261e142a2e263030deba754785c2baa9807438506be570d59c6