[3.9] cairo: Invalid free in cairo_ft_apply_variations (CVE-2018-19876)
cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c,
would free memory using a free function incompatible with WebKit’s
fastMalloc, leading to an application crash with a “free(): invalid
pointer” error.
References:
https://seclists.org/oss-sec/2018/q4/205
https://gitlab.freedesktop.org/cairo/cairo/merge\_requests/5
Patch:
https://gitlab.freedesktop.org/cairo/cairo/merge\_requests/5.patch
(from redmine: issue id 9748, created on 2018-12-12, closed on 2019-05-04)
- Relations:
- parent #9747
- Changesets:
- Revision 608f65b2 on 2019-01-08T11:19:04Z:
main/cairo: security fix (CVE-2018-19876)
Fixes #9748