Update coming once the build system catches up. Advisory: ---------------------------------------- The pango package has been updated to version 1.48.4 to fix memory leaks, overflows, and other issues. References: https://gitlab.gnome.org/GNOME/pango/-/blob/386639c3b118cc973f714eb485877f480391f31f/NEWS
Updated packages in core/updates_testing: ---------------------------------------- pango-1.48.4-1.mga8 pango-tests-1.48.4-1.mga8 libpango1.0_0-1.48.4-1.mga8 libpango1.0-devel-1.48.4-1.mga8 libpango-gir1.0-1.48.4-1.mga8 from pango-1.48.4-1.mga8.src.rpm
Assignee: bugsquad => qa-bugs
mga8, x64 Could not find any information on vulnerabilities or PoC so went ahead with the update. pango-tests supplies a suite of test scripts and libexec files such as /usr/share/installed-tests/pango/testscript.test and /usr/libexec/installed-tests/pango/testscript but no help with usage. It looks like pango is normally run as a backend to handle various types of fonts across an international spectrum in native scripts, examples of output at https://pango.gnome.org/ScriptGallery. There is a pango-view application for rendering *.txt files but no examples are available. $ urpmq --whatrequires lib64pango1.0_0 | sort -u > pango.list finds 535 applications or libraries including firefox, atril, bluefish, darktable, hexchat, lilypond and pango-tests. lilypond sounds the most promising: $ strace -o lilypond.trace lilypond --png -o factotum factotum.ly $ eom factotum.png shows a musical stave with a lyric underneath. $ grep pango lilypond.trace openat(AT_FDCWD, "/lib64/libpangoft2-1.0.so.0", O_RDONLY|O_CLOEXEC) = 3 openat(AT_FDCWD, "/lib64/libpango-1.0.so.0", O_RDONLY|O_CLOEXEC) = 3 read(6, "ngo-font-physical-fonts pango-fo"..., 4096) = 1789 read(5, "pango font\")\n (,ly:paper-book"..., 4096) = 4096 Taking that as confirmation that pango works OK. If any useful information turns up the OK can be withdrawn in favour of further testing.
Whiteboard: (none) => MGA8-64-OKCC: (none) => tarazed25
Validating. Advisory in Comment 0.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGAA-2021-0115.html
Status: NEW => RESOLVEDResolution: (none) => FIXED