CVE-2020-36430 (https://github.com/libass/libass/commit/017137471d0043e0321e377ed8da48e45a3ec632): libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode_chars (called from decode_font and process_text) because the wrong integer data type is used for subtraction. Seems like this was indeed fixed in 0.15.1, so please cleanup.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c4bd74eb575a63959f5496507b6495bb895b6a38 commit c4bd74eb575a63959f5496507b6495bb895b6a38 Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2021-07-25 21:26:52 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2021-07-26 03:13:01 +0000 media-libs/libass: drop 0.15.0 Bug: https://bugs.gentoo.org/803119 Signed-off-by: John Helmert III <ajak@gentoo.org> media-libs/libass/Manifest | 1 - media-libs/libass/libass-0.15.0.ebuild | 42 ---------------------------------- 2 files changed, 43 deletions(-)
Package list is empty or all packages have requested keywords.
GLSA request filed.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=d7329b83bbe97f0a26668c688489b9caf15179c3 commit d7329b83bbe97f0a26668c688489b9caf15179c3 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-10 04:08:39 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-10 04:17:34 +0000 [ GLSA 202208-13 ] libass: Denial of service Bug: https://bugs.gentoo.org/803119 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202208-13.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+)
GLSA released, all done!