{"schema_version":"1.7.2","id":"OESA-2022-2074","modified":"2022-11-11T11:04:34Z","published":"2022-11-11T11:04:34Z","upstream":["CVE-2019-19308"],"summary":"gnome-font-viewer security update","details":"The Font Viewer application has been rewritten to match the new design used for GNOME 3 applications.It can now show an overview of all installed fonts and optimizes screen space usage when the application is maximized.\r\n\r\nSecurity Fix(es):\r\n\r\nIn text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section (due to a g_strconcat call that returns NULL).(CVE-2019-19308)","affected":[{"package":{"ecosystem":"openEuler:22.03-LTS","name":"gnome-font-viewer","purl":"pkg:rpm/openEuler/gnome-font-viewer\u0026distro=openEuler-22.03-LTS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.34.0-2.oe2203"}]}],"ecosystem_specific":{"aarch64":["gnome-font-viewer-debugsource-3.34.0-2.oe2203.aarch64.rpm","gnome-font-viewer-3.34.0-2.oe2203.aarch64.rpm","gnome-font-viewer-debuginfo-3.34.0-2.oe2203.aarch64.rpm"],"src":["gnome-font-viewer-3.34.0-2.oe2203.src.rpm"],"x86_64":["gnome-font-viewer-debuginfo-3.34.0-2.oe2203.x86_64.rpm","gnome-font-viewer-debugsource-3.34.0-2.oe2203.x86_64.rpm","gnome-font-viewer-3.34.0-2.oe2203.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-2074"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19308"}],"database_specific":{"severity":"Medium"}}