[Webkit-unassigned] [Bug 31106] Sanitize web fonts using the OTS library
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Nov 9 18:10:21 PST 2009
https://bugs.webkit.org/show_bug.cgi?id=31106
--- Comment #40 from Yusuke Sato <yusukes at chromium.org> 2009-11-09 18:10:19 PDT ---
Yes, the OTS library currently does not support GPOS/GSUB/morx tables. However,
"does not support" means that OTS does not parse these tables, does not put
them on a reconstructed font. As a result, attackers are not able to abuse
these tables.
http://code.google.com/p/ots/wiki/DesignDoc
Though we might add parsers for these tables in the future if needed, it's
unlikely for the first release.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list