Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2020-12825

Published: 12 May 2020

libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption.

Priority

Low

CVSS 3 base score: 7.1

Status

Package Release Status
gnome-shell
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needs triage

kinetic Needs triage

precise Does not exist

trusty Does not exist

upstream Needs triage

xenial Needs triage

libcroco
Launchpad, Ubuntu, Debian
bionic Needed

eoan Ignored
(reached end-of-life)
focal Needed

groovy Ignored
(reached end-of-life)
hirsute Does not exist

impish Does not exist

jammy Does not exist

kinetic Does not exist

precise Ignored
(end of ESM support, was needed)
trusty Needed

upstream Needed

xenial
Released (0.6.11-1ubuntu0.1~esm1)
Patches:
upstream: https://gitlab.gnome.org/GNOME/gnome-shell/-/commit/44cbd1e718d6a08e59b9300280c340218a84e089