openSUSE has issued an advisory on May 11: https://lists.opensuse.org/opensuse-updates/2018-05/msg00036.html Mageia 5 is also affected.
SUSE has issued an advisory on May 28: http://lists.suse.com/pipermail/sle-security-updates/2018-May/004095.html It fixes one additional issue that likely affects us as well.
Summary: cairo new security issue CVE-2017-9814 => cairo new security issues CVE-2017-7475 and CVE-2017-9814
Assigning to the registered maintainer.
CC: (none) => marja11Assignee: bugsquad => shlomif
Where are the patches? I've been chasing links for many minutes now.q
replace-malloc-with-cairo-malloc.patch - CVE-2017-9814 cairo-get_bitmap_surface-bsc1036789-CVE-2017-7475.diff - CVE-2017-7475 https://build.opensuse.org/package/show/openSUSE:Leap:42.3:Update/cairo
Status comment: (none) => Patches available from openSUSE
openSUSE has issued an advisory for CVE-2017-9814 today (July 6): https://lists.opensuse.org/opensuse-updates/2018-07/msg00002.html
Mageia 6 is EOL.
Resolution: (none) => OLDCC: (none) => mramboStatus: NEW => RESOLVED