| Package | libass |
|---|---|
| Version | 0.10.2-3+deb8u1 |
| Related CVEs | CVE-2016-7969 CVE-2016-7972 |
Two issues have been found in libass, a library for SSA/ASS subtitles rendering.
CVE-2016-7972: Fix memory reallocation in the shaper.
CVE-2016-7969: Fix mode 0/3 line wrapping equalization in specific cases which could result in illegal reads while laying out and shaping text.
For Debian 8 jessie, these problems have been fixed in version 0.10.2-3+deb8u1.
We recommend that you upgrade your libass packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.