Cairo: Buffer Overflow Vulnerability A buffer overflow vulnerability has been discovered in Cairo which could result in denial of service. cairo 2023-05-03 2023-05-03 777123 remote 1.17.6 1.17.6

Cairo is a 2D vector graphics library with cross-device output support.

An attacker with the ability to provide input to Cairo's image-compositor can cause a buffer overwrite.

Malicious input to Cairo's image-compositor can result in denial of service of the application using such Cairo functionality.

There is no known workaround at this time.

All Cairo users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=x11-libs/cairo-1.17.6" CVE-2020-35492 ajak sam