2 matches found
MGASA-2021-0413 Updated libass packages fix security vulnerability
Updated libass packages fix security vulnerability: libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decodechars called from decodefont and processtext because the wrong integer data type is used for subtraction CVE-2020-36430...
MGASA-2021-0017 Updated libass packages fix security vulnerability
In libass 0.14.0, the assoutlineconstruct's call to outlinestroke causes a signed integer overflow. CVE-2020-26682...