Re: [Silgraphite-devel] Graphite2 release 1.3.5

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi,

On Fri, Jan 22, 2016 at 08:55:42AM -0600, Martin Hosken wrote:
> The bugs will be disclosed in due course from here: http://www.talosintel.com/vulnerability-reports/ as:
> 
> TALOS-CAN-0058:
> A suitably crafted font can result in arbitrary code execution.
> 
> TALOS-CAN-0059:
> A suitably crafted font can result in a buffer overflow.

OK.

> I have no idea *when* the TALOS bugs will be made public, but if anyone really wants the details, I am happy to send them the bug reports offline.

Please.
Ideally including which versions are affected (in my case I'd need to patch
1.1.3 and 1.2.4) and which patches fix it...

Regards,

Rene