LibreOffice has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx. References: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=817 Upstream patch: https://github.com/LibreOffice/core/commit/28e61b634353110445e334ccaa415d7fb6629d62
Created libreoffice tracking bugs for this issue: Affects: fedora-all [bug 1444065]
This particular CVE refers specifically to https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=817 which is a bug introduced on the 19 Jan 2017 and fixed on 11 March 2017, so there was never a release with this bug in it.