cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.Referenceshttps://bugs.freedesktop.org/show_bug.cgi?id=101547https://security.gentoo.org/glsa/201904-01http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00042.htmlhttps://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
