Gentoo Linux Security Advisory 201701-76 - Multiple vulnerabilities have been found in HarfBuzz, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 1.0.6 are affected.
c4c43fcf2857f96ff6e6e6c393e86dcc4e8f80c56171ed36cf7a530c3cb25994
Ubuntu Security Notice 3067-1 - Kostya Serebryany discovered that HarfBuzz incorrectly handled memory. A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that HarfBuzz incorrectly handled certain length checks. A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 16.04 LTS. Various other issues were also addressed.
a4562fc8ba877daedc2e5dd13519fd488619bc5d93df56679621a15de2fa32c7