Back to bug 2167254
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Sandipan Roy | 2023-02-06 04:22:52 UTC | CC | ahughes, chazlett, dfitzmau, erack, jdowland, jhorak, jvanek, neugens, pjindal, rh-spice-bugs, sraghupu, stransky, tpopela | |
| Sandipan Roy | 2023-02-06 04:23:28 UTC | Blocks | 2167255 | |
| Sandipan Roy | 2023-02-07 06:25:03 UTC | Depends On | 2167632, 2167630, 2167631 | |
| TEJ RATHI | 2023-02-09 10:25:30 UTC | Depends On | 2168529, 2168527, 2168528 | |
| TEJ RATHI | 2023-02-27 05:07:34 UTC | Depends On | 2173489 | |
| TEJ RATHI | 2023-02-27 06:02:08 UTC | Fixed In Version | harfbuzz 7.0.0 | |
| Doc Text | A vulnerability was found HarfBuzz which allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. | |||
| RaTasha Tillery-Smith | 2023-02-27 15:03:33 UTC | Doc Text | A vulnerability was found HarfBuzz which allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. | A vulnerability was found HarfBuzz. This flaw allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. |
| Red Hat Bugzilla | 2023-07-07 08:32:51 UTC | Assignee | security-response-team | nobody |
| Mauro Matteo Cascella | 2023-07-16 12:14:08 UTC | CC | caswilli, dffrench, fjansen, gmccullo, gzaronik, hbraun, jhuttana, jmartine, kaycoth, ngough, rgodfrey | |
| Mauro Matteo Cascella | 2023-07-16 12:32:22 UTC | Blocks | 2221090 | |
| CC | mcascell | |||
| Mauro Matteo Cascella | 2023-07-16 12:48:07 UTC | Depends On | 2222050 | |
| Mauro Matteo Cascella | 2023-07-16 12:50:17 UTC | Depends On | 2221121 | |
| Mauro Matteo Cascella | 2023-07-16 12:50:21 UTC | Depends On | 2221122 | |
| Mauro Matteo Cascella | 2023-07-16 12:50:24 UTC | Depends On | 2221123 | |
| Mauro Matteo Cascella | 2023-07-16 12:50:27 UTC | Depends On | 2221124 | |
| Mauro Matteo Cascella | 2023-07-16 12:50:31 UTC | Depends On | 2221125 | |
| Mauro Matteo Cascella | 2023-07-16 12:50:34 UTC | Depends On | 2221126 | |
| Mauro Matteo Cascella | 2023-07-16 12:50:37 UTC | Depends On | 2221127 | |
| Mauro Matteo Cascella | 2023-07-16 12:50:40 UTC | Depends On | 2221128 | |
| Mauro Matteo Cascella | 2023-07-16 12:50:44 UTC | Depends On | 2221129 | |
| Mauro Matteo Cascella | 2023-07-16 12:50:47 UTC | Depends On | 2221130 | |
| Mauro Matteo Cascella | 2023-07-16 12:50:51 UTC | Depends On | 2221118 | |
| Mauro Matteo Cascella | 2023-07-16 12:50:54 UTC | Depends On | 2221119 | |
| Mauro Matteo Cascella | 2023-07-16 12:50:58 UTC | Depends On | 2221120 | |
| Mauro Matteo Cascella | 2023-07-16 12:51:01 UTC | Depends On | 2221131 | |
| Mauro Matteo Cascella | 2023-07-16 12:51:04 UTC | Depends On | 2221132 | |
| Mauro Matteo Cascella | 2023-07-16 12:51:07 UTC | Depends On | 2221133 | |
| Mauro Matteo Cascella | 2023-07-16 12:55:53 UTC | Summary | CVE-2023-25193 harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks | CVE-2023-25193 harfbuzz: OpenJDK: O(n^2) growth via consecutive marks |
| errata-xmlrpc | 2023-07-19 17:14:37 UTC | Link ID | Red Hat Product Errata RHSA-2023:4170 | |
| errata-xmlrpc | 2023-07-19 17:17:48 UTC | Link ID | Red Hat Product Errata RHSA-2023:4171 | |
| errata-xmlrpc | 2023-07-19 17:21:35 UTC | Link ID | Red Hat Product Errata RHSA-2023:4165 | |
| errata-xmlrpc | 2023-07-19 17:21:50 UTC | Link ID | Red Hat Product Errata RHSA-2023:4162 | |
| errata-xmlrpc | 2023-07-19 17:23:22 UTC | Link ID | Red Hat Product Errata RHSA-2023:4164 | |
| errata-xmlrpc | 2023-07-19 17:23:48 UTC | Link ID | Red Hat Product Errata RHSA-2023:4157 | |
| errata-xmlrpc | 2023-07-19 17:23:57 UTC | Link ID | Red Hat Product Errata RHSA-2023:4169 | |
| errata-xmlrpc | 2023-07-19 17:24:28 UTC | Link ID | Red Hat Product Errata RHSA-2023:4163 | |
| errata-xmlrpc | 2023-07-20 12:11:45 UTC | Link ID | Red Hat Product Errata RHSA-2023:4161 | |
| errata-xmlrpc | 2023-07-20 12:11:52 UTC | Link ID | Red Hat Product Errata RHSA-2023:4208 | |
| errata-xmlrpc | 2023-07-20 12:12:06 UTC | Link ID | Red Hat Product Errata RHSA-2023:4210 | |
| errata-xmlrpc | 2023-07-20 12:12:11 UTC | Link ID | Red Hat Product Errata RHSA-2023:4211 | |
| errata-xmlrpc | 2023-07-20 12:13:52 UTC | Link ID | Red Hat Product Errata RHSA-2023:4177 | |
| errata-xmlrpc | 2023-07-20 12:13:57 UTC | Link ID | Red Hat Product Errata RHSA-2023:4158 | |
| errata-xmlrpc | 2023-07-20 12:17:38 UTC | Link ID | Red Hat Product Errata RHSA-2023:4159 | |
| errata-xmlrpc | 2023-07-20 12:17:48 UTC | Link ID | Red Hat Product Errata RHSA-2023:4175 | |
| Product Security DevOps Team | 2023-07-20 17:50:39 UTC | Depends On | 2224350 | |
| CC | hbraun | |||
| Resolution | --- | ERRATA | ||
| Summary | CVE-2023-25193 harfbuzz: OpenJDK: O(n^2) growth via consecutive marks | CVE-2023-25193 harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks | ||
| Status | NEW | CLOSED | ||
| Last Closed | 2023-07-20 17:50:39 UTC | |||
| errata-xmlrpc | 2023-07-21 14:01:11 UTC | Link ID | Red Hat Product Errata RHSA-2023:4233 | |
| Mauro Matteo Cascella | 2023-08-07 09:02:22 UTC | CC | dbhole | |
| Parag Nemade | 2023-08-11 15:59:09 UTC | CC | pnemade |
Back to bug 2167254