OSS-Fuzz is a Continuous Fuzzing for Open Source Software. See $URL for more details about the issue. Commit fix: @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
(In reply to Agostino Sarubbo from comment #0) > Commit fix: it is unfixed upstream
Is it even reported upstream?
(In reply to Andreas Sturmlechner from comment #2) > Is it even reported upstream? I believe so: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1856 https://github.com/harfbuzz/harfbuzz/commit/e5930722d485207ca158612a2b08816337fed7e8
Should be fixed in media-libs/harfbuzz-1.7.2.
*** Bug 640336 has been marked as a duplicate of this bug. ***
sparc stable (thanks to Rolf Eike Beer)
amd64 stable
x86 stable
arm stable
ia64 stable
ppc stable
ppc64 stable
hppa stable
Stable on alpha.
arm64 stable; no glsa voting going on here?
No CVE requested for this by upstream and no PoC available. While it is rated an A3, due to a potential for DoS, I am closing this without a GLSA due to lack of the previously mentioned items.