| Release | Version |
|---|---|
| bullseye | 2.7.4-1 |
| bookworm | 6.0.0+dfsg-3 |
| trixie | 10.2.0-1 |
| forky | 12.1.0-1 |
| sid | 12.1.0-1 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2023-25193 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to ... |
| CVE-2022-33068 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An integer overflow in the component hb-ot-shape-fallback.cc of Harfbu ... |
| Bug | Description |
|---|---|
| CVE-2024-56732 | HarfBuzz is a text shaping engine. Starting with 8.5.0 through 10.0.1, ... |
| CVE-2021-45931 | HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t:: ... |
| CVE-2016-2052 | Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used ... |
| CVE-2015-9274 | HarfBuzz before 1.0.4 allows remote attackers to cause a denial of ser ... |
| CVE-2015-8947 | hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote atta ... |
| DSA / DLA | Description |
|---|---|
| DLA-2040-1 | harfbuzz - security update |