An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/#CVE-2017-5436 Acknowledgements: Name: the Mozilla project Upstream: Holger Fuhrmannek
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2017:1104 https://access.redhat.com/errata/RHSA-2017:1104
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:1106 https://access.redhat.com/errata/RHSA-2017:1106
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2017:1201 https://access.redhat.com/errata/RHSA-2017:1201