USN-2927-1 Graphite2 vulnerabilities
Graphite2 could be made to crash or run programs as your login if it opened a specially crafted font.
It was discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.
Severity is medium unless otherwise noted.
Users of affected versions should apply the following mitigation: