Debian-LTS has issued an advisory on January 6:
Mageia 7 is also affected.
Patches available from upstreamWhiteboard:
Fix pushed in mageia cauldron.
Fix pushed in mga7
Updated cairo packages fix security vulnerability:
LibreOffice slideshow aborts with stack smashing in cairo’s composite_boxes
Updated packages in core/updates_testing:
Patches available from upstream =>
Created a short slide show in Libreoffice Impress with 12 slides. Used the slideshow function, but did not visibly trigger any problems.
Updated lib64cairo2. No installation issues. Ran the slide show again, with no issues noted.
urpmq --whatrequires lib64cairo2 reveals a very long list. The Gimp is on it, as is Firefox, and cairo-dock.
Ran The Gimp with a complex image consisting of over 70 layers of graphics and text, with no issues. Cairo-dock was already installed on one test machine during a previous test of it, and there were no regressions with any of the 2D rendering. Firefox is being used to make this report, with no regressions noted.
I'm going to call this OK, and validate. Advisory in Comment 3.
Advisory pushed to SVN.
An update for this issue has been pushed to the Mageia Updates repository.