{"id":"MGASA-2016-0341","summary":"Updated libass packages fixes security vulnerabilities","details":"Amount of memory allocated during memory reallocation in the shaper wasn't\ntracked, possibly resulting in undefined behavior (CVE-2016-7972).\n\nIllegal read in Gaussian blur coefficient calculations (CVE-2016-7970).\n\nMode 0/3 line wrapping equalization in specific cases could result in illegal\nreads while laying out and shaping text. (CVE-2016-7969)\n\nThe libass package has been updated to version 0.13.4, fixing this issue and\nseveral other bugs.\n","modified":"2026-04-16T01:47:08.648875872Z","published":"2016-10-12T15:09:49Z","upstream":["CVE-2016-7969","CVE-2016-7970","CVE-2016-7972"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0341.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=19537"},{"type":"WEB","url":"https://github.com/libass/libass/releases"}],"affected":[{"package":{"name":"libass","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/libass?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.13.4-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0341.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}