Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-22693 (GCVE-0-2026-22693)
Vulnerability from cvelistv5 – Published: 2026-01-10 05:53 – Updated: 2026-01-12 16:47
VLAI?
EPSS
Title
Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS
Summary
HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault. This issue has been patched in version 12.3.0.
Severity ?
5.3 (Medium)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-01-12T05:10:58.184Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/01/11/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/01/12/1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22693",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-12T16:46:05.339668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-12T16:47:17.715Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "harfbuzz",
"vendor": "harfbuzz",
"versions": [
{
"status": "affected",
"version": "\u003c 12.3.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault. This issue has been patched in version 12.3.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-10T05:53:21.019Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-xvjr-f2r9-c7ww",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-xvjr-f2r9-c7ww"
},
{
"name": "https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae"
}
],
"source": {
"advisory": "GHSA-xvjr-f2r9-c7ww",
"discovery": "UNKNOWN"
},
"title": "Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-22693",
"datePublished": "2026-01-10T05:53:21.019Z",
"dateReserved": "2026-01-08T19:23:09.855Z",
"dateUpdated": "2026-01-12T16:47:17.715Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-22693\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-01-10T06:15:52.063\",\"lastModified\":\"2026-02-18T17:49:22.590\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault. This issue has been patched in version 12.3.0.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:harfbuzz_project:harfbuzz:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.3.0\",\"matchCriteriaId\":\"394555F9-FE83-460B-B30E-11AFE2B9C748\"}]}]}],\"references\":[{\"url\":\"https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-xvjr-f2r9-c7ww\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/01/11/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/01/12/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Patch\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2026/01/11/1\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/01/12/1\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2026-01-12T05:10:58.184Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-22693\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-12T16:46:05.339668Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-12T16:46:41.390Z\"}}], \"cna\": {\"title\": \"Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS\", \"source\": {\"advisory\": \"GHSA-xvjr-f2r9-c7ww\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"harfbuzz\", \"product\": \"harfbuzz\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 12.3.0\"}]}], \"references\": [{\"url\": \"https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-xvjr-f2r9-c7ww\", \"name\": \"https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-xvjr-f2r9-c7ww\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae\", \"name\": \"https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault. This issue has been patched in version 12.3.0.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476: NULL Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-01-10T05:53:21.019Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-22693\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-12T16:47:17.715Z\", \"dateReserved\": \"2026-01-08T19:23:09.855Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-01-10T05:53:21.019Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
MSRC_CVE-2026-22693
Vulnerability from csaf_microsoft - Published: 2026-01-02 00:00 - Updated: 2026-01-20 14:47Summary
Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
5.3 (Medium)
Vendor Fix
8.3.0-4:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
https://learn.microsoft.com/en-us/azure/azure-lin…
References
| URL | Category | |
|---|---|---|
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-22693 Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-22693.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS",
"tracking": {
"current_release_date": "2026-01-20T14:47:26.000Z",
"generator": {
"date": "2026-02-18T14:43:41.733Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-22693",
"initial_release_date": "2026-01-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-01-11T01:02:53.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-01-13T01:02:50.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2026-01-13T01:45:08.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
},
{
"date": "2026-01-15T14:35:40.000Z",
"legacy_version": "4",
"number": "4",
"summary": "Information published."
},
{
"date": "2026-01-20T14:47:26.000Z",
"legacy_version": "5",
"number": "5",
"summary": "Information published."
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 harfbuzz 8.3.0-4",
"product": {
"name": "\u003cazl3 harfbuzz 8.3.0-4",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 harfbuzz 8.3.0-4",
"product": {
"name": "azl3 harfbuzz 8.3.0-4",
"product_id": "20833"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 harfbuzz 8.3.0-3",
"product": {
"name": "\u003cazl3 harfbuzz 8.3.0-3",
"product_id": "5"
}
},
{
"category": "product_version",
"name": "azl3 harfbuzz 8.3.0-3",
"product": {
"name": "azl3 harfbuzz 8.3.0-3",
"product_id": "17496"
}
}
],
"category": "product_name",
"name": "harfbuzz"
},
{
"category": "product_name",
"name": "cbl2 harfbuzz 3.4.0-3",
"product": {
"name": "cbl2 harfbuzz 3.4.0-3",
"product_id": "4"
}
},
{
"category": "product_name",
"name": "cbl2 qt5-qtbase 5.12.11-19",
"product": {
"name": "cbl2 qt5-qtbase 5.12.11-19",
"product_id": "2"
}
},
{
"category": "product_name",
"name": "azl3 qtbase 6.6.3-4",
"product": {
"name": "azl3 qtbase 6.6.3-4",
"product_id": "3"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 harfbuzz 8.3.0-4 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 harfbuzz 8.3.0-4 as a component of Azure Linux 3.0",
"product_id": "20833-17084"
},
"product_reference": "20833",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 harfbuzz 8.3.0-3 as a component of Azure Linux 3.0",
"product_id": "17084-5"
},
"product_reference": "5",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 harfbuzz 8.3.0-3 as a component of Azure Linux 3.0",
"product_id": "17496-17084"
},
"product_reference": "17496",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 harfbuzz 3.4.0-3 as a component of CBL Mariner 2.0",
"product_id": "17086-4"
},
"product_reference": "4",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 qt5-qtbase 5.12.11-19 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 qtbase 6.6.3-4 as a component of Azure Linux 3.0",
"product_id": "17084-3"
},
"product_reference": "3",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-22693",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17086-4"
]
},
{
"label": "vulnerable_code_not_in_execute_path",
"product_ids": [
"17086-2",
"17084-3"
]
}
],
"notes": [
{
"category": "general",
"text": "GitHub_M",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"20833-17084",
"17496-17084"
],
"known_affected": [
"17084-1",
"17084-5"
],
"known_not_affected": [
"17086-4",
"17086-2",
"17084-3"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-22693 Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-22693.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-11T01:02:53.000Z",
"details": "8.3.0-4:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-1",
"17084-5"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"17084-1",
"17084-5"
]
}
],
"title": "Null Pointer Dereference in SubtableUnicodesCache::create leading to DoS"
}
]
}
SUSE-SU-2026:0287-1
Vulnerability from csaf_suse - Published: 2026-01-23 23:35 - Updated: 2026-01-23 23:35Summary
Security update for harfbuzz
Severity
Moderate
Notes
Title of the patch: Security update for harfbuzz
Description of the patch: This update for harfbuzz fixes the following issues:
- CVE-2026-22693: Fixed a NULL pointer dereference in SubtableUnicodesCache::create (bsc#1256459).
Patchnames: SUSE-2026-287,SUSE-SLE-Module-Basesystem-15-SP7-2026-287,openSUSE-SLE-15.6-2026-287
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for harfbuzz",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for harfbuzz fixes the following issues:\n\n- CVE-2026-22693: Fixed a NULL pointer dereference in SubtableUnicodesCache::create (bsc#1256459).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-287,SUSE-SLE-Module-Basesystem-15-SP7-2026-287,openSUSE-SLE-15.6-2026-287",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0287-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0287-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260287-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0287-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023911.html"
},
{
"category": "self",
"summary": "SUSE Bug 1256459",
"url": "https://bugzilla.suse.com/1256459"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22693 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22693/"
}
],
"title": "Security update for harfbuzz",
"tracking": {
"current_release_date": "2026-01-23T23:35:49Z",
"generator": {
"date": "2026-01-23T23:35:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0287-1",
"initial_release_date": "2026-01-23T23:35:49Z",
"revision_history": [
{
"date": "2026-01-23T23:35:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.aarch64",
"product": {
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.aarch64",
"product_id": "harfbuzz-devel-8.3.0-150600.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "harfbuzz-tools-8.3.0-150600.3.3.1.aarch64",
"product": {
"name": "harfbuzz-tools-8.3.0-150600.3.3.1.aarch64",
"product_id": "harfbuzz-tools-8.3.0-150600.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.aarch64",
"product": {
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.aarch64",
"product_id": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.aarch64",
"product": {
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.aarch64",
"product_id": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.aarch64",
"product": {
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.aarch64",
"product_id": "libharfbuzz-icu0-8.3.0-150600.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.aarch64",
"product": {
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.aarch64",
"product_id": "libharfbuzz-subset0-8.3.0-150600.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-8.3.0-150600.3.3.1.aarch64",
"product": {
"name": "libharfbuzz0-8.3.0-150600.3.3.1.aarch64",
"product_id": "libharfbuzz0-8.3.0-150600.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.aarch64",
"product": {
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.aarch64",
"product_id": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libharfbuzz-cairo0-64bit-8.3.0-150600.3.3.1.aarch64_ilp32",
"product": {
"name": "libharfbuzz-cairo0-64bit-8.3.0-150600.3.3.1.aarch64_ilp32",
"product_id": "libharfbuzz-cairo0-64bit-8.3.0-150600.3.3.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libharfbuzz-gobject0-64bit-8.3.0-150600.3.3.1.aarch64_ilp32",
"product": {
"name": "libharfbuzz-gobject0-64bit-8.3.0-150600.3.3.1.aarch64_ilp32",
"product_id": "libharfbuzz-gobject0-64bit-8.3.0-150600.3.3.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libharfbuzz-icu0-64bit-8.3.0-150600.3.3.1.aarch64_ilp32",
"product": {
"name": "libharfbuzz-icu0-64bit-8.3.0-150600.3.3.1.aarch64_ilp32",
"product_id": "libharfbuzz-icu0-64bit-8.3.0-150600.3.3.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libharfbuzz-subset0-64bit-8.3.0-150600.3.3.1.aarch64_ilp32",
"product": {
"name": "libharfbuzz-subset0-64bit-8.3.0-150600.3.3.1.aarch64_ilp32",
"product_id": "libharfbuzz-subset0-64bit-8.3.0-150600.3.3.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-64bit-8.3.0-150600.3.3.1.aarch64_ilp32",
"product": {
"name": "libharfbuzz0-64bit-8.3.0-150600.3.3.1.aarch64_ilp32",
"product_id": "libharfbuzz0-64bit-8.3.0-150600.3.3.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.i586",
"product": {
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.i586",
"product_id": "harfbuzz-devel-8.3.0-150600.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "harfbuzz-tools-8.3.0-150600.3.3.1.i586",
"product": {
"name": "harfbuzz-tools-8.3.0-150600.3.3.1.i586",
"product_id": "harfbuzz-tools-8.3.0-150600.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.i586",
"product": {
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.i586",
"product_id": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.i586",
"product": {
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.i586",
"product_id": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.i586",
"product": {
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.i586",
"product_id": "libharfbuzz-icu0-8.3.0-150600.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.i586",
"product": {
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.i586",
"product_id": "libharfbuzz-subset0-8.3.0-150600.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-8.3.0-150600.3.3.1.i586",
"product": {
"name": "libharfbuzz0-8.3.0-150600.3.3.1.i586",
"product_id": "libharfbuzz0-8.3.0-150600.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.i586",
"product": {
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.i586",
"product_id": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.ppc64le",
"product": {
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.ppc64le",
"product_id": "harfbuzz-devel-8.3.0-150600.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "harfbuzz-tools-8.3.0-150600.3.3.1.ppc64le",
"product": {
"name": "harfbuzz-tools-8.3.0-150600.3.3.1.ppc64le",
"product_id": "harfbuzz-tools-8.3.0-150600.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.ppc64le",
"product": {
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.ppc64le",
"product_id": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.ppc64le",
"product": {
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.ppc64le",
"product_id": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.ppc64le",
"product": {
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.ppc64le",
"product_id": "libharfbuzz-icu0-8.3.0-150600.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.ppc64le",
"product": {
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.ppc64le",
"product_id": "libharfbuzz-subset0-8.3.0-150600.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-8.3.0-150600.3.3.1.ppc64le",
"product": {
"name": "libharfbuzz0-8.3.0-150600.3.3.1.ppc64le",
"product_id": "libharfbuzz0-8.3.0-150600.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.ppc64le",
"product": {
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.ppc64le",
"product_id": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.s390x",
"product": {
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.s390x",
"product_id": "harfbuzz-devel-8.3.0-150600.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "harfbuzz-tools-8.3.0-150600.3.3.1.s390x",
"product": {
"name": "harfbuzz-tools-8.3.0-150600.3.3.1.s390x",
"product_id": "harfbuzz-tools-8.3.0-150600.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.s390x",
"product": {
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.s390x",
"product_id": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.s390x",
"product": {
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.s390x",
"product_id": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.s390x",
"product": {
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.s390x",
"product_id": "libharfbuzz-icu0-8.3.0-150600.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.s390x",
"product": {
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.s390x",
"product_id": "libharfbuzz-subset0-8.3.0-150600.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-8.3.0-150600.3.3.1.s390x",
"product": {
"name": "libharfbuzz0-8.3.0-150600.3.3.1.s390x",
"product_id": "libharfbuzz0-8.3.0-150600.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.s390x",
"product": {
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.s390x",
"product_id": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.x86_64",
"product": {
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.x86_64",
"product_id": "harfbuzz-devel-8.3.0-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "harfbuzz-tools-8.3.0-150600.3.3.1.x86_64",
"product": {
"name": "harfbuzz-tools-8.3.0-150600.3.3.1.x86_64",
"product_id": "harfbuzz-tools-8.3.0-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.x86_64",
"product": {
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.x86_64",
"product_id": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-cairo0-32bit-8.3.0-150600.3.3.1.x86_64",
"product": {
"name": "libharfbuzz-cairo0-32bit-8.3.0-150600.3.3.1.x86_64",
"product_id": "libharfbuzz-cairo0-32bit-8.3.0-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.x86_64",
"product": {
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.x86_64",
"product_id": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-gobject0-32bit-8.3.0-150600.3.3.1.x86_64",
"product": {
"name": "libharfbuzz-gobject0-32bit-8.3.0-150600.3.3.1.x86_64",
"product_id": "libharfbuzz-gobject0-32bit-8.3.0-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.x86_64",
"product": {
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.x86_64",
"product_id": "libharfbuzz-icu0-8.3.0-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-icu0-32bit-8.3.0-150600.3.3.1.x86_64",
"product": {
"name": "libharfbuzz-icu0-32bit-8.3.0-150600.3.3.1.x86_64",
"product_id": "libharfbuzz-icu0-32bit-8.3.0-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.x86_64",
"product": {
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.x86_64",
"product_id": "libharfbuzz-subset0-8.3.0-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-subset0-32bit-8.3.0-150600.3.3.1.x86_64",
"product": {
"name": "libharfbuzz-subset0-32bit-8.3.0-150600.3.3.1.x86_64",
"product_id": "libharfbuzz-subset0-32bit-8.3.0-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-8.3.0-150600.3.3.1.x86_64",
"product": {
"name": "libharfbuzz0-8.3.0-150600.3.3.1.x86_64",
"product_id": "libharfbuzz0-8.3.0-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-32bit-8.3.0-150600.3.3.1.x86_64",
"product": {
"name": "libharfbuzz0-32bit-8.3.0-150600.3.3.1.x86_64",
"product_id": "libharfbuzz0-32bit-8.3.0-150600.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.x86_64",
"product": {
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.x86_64",
"product_id": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.aarch64"
},
"product_reference": "harfbuzz-devel-8.3.0-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.ppc64le"
},
"product_reference": "harfbuzz-devel-8.3.0-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.s390x"
},
"product_reference": "harfbuzz-devel-8.3.0-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "harfbuzz-devel-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.aarch64"
},
"product_reference": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.ppc64le"
},
"product_reference": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.s390x"
},
"product_reference": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.aarch64"
},
"product_reference": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.ppc64le"
},
"product_reference": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.s390x"
},
"product_reference": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.aarch64"
},
"product_reference": "libharfbuzz-icu0-8.3.0-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.ppc64le"
},
"product_reference": "libharfbuzz-icu0-8.3.0-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.s390x"
},
"product_reference": "libharfbuzz-icu0-8.3.0-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz-icu0-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.aarch64"
},
"product_reference": "libharfbuzz-subset0-8.3.0-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.ppc64le"
},
"product_reference": "libharfbuzz-subset0-8.3.0-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.s390x"
},
"product_reference": "libharfbuzz-subset0-8.3.0-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz-subset0-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-8.3.0-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.aarch64"
},
"product_reference": "libharfbuzz0-8.3.0-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-8.3.0-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.ppc64le"
},
"product_reference": "libharfbuzz0-8.3.0-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-8.3.0-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.s390x"
},
"product_reference": "libharfbuzz0-8.3.0-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-8.3.0-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz0-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-32bit-8.3.0-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-32bit-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz0-32bit-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.aarch64"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.ppc64le"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.s390x"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.aarch64"
},
"product_reference": "harfbuzz-devel-8.3.0-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.ppc64le"
},
"product_reference": "harfbuzz-devel-8.3.0-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.s390x"
},
"product_reference": "harfbuzz-devel-8.3.0-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-devel-8.3.0-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "harfbuzz-devel-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-tools-8.3.0-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.aarch64"
},
"product_reference": "harfbuzz-tools-8.3.0-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-tools-8.3.0-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.ppc64le"
},
"product_reference": "harfbuzz-tools-8.3.0-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-tools-8.3.0-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.s390x"
},
"product_reference": "harfbuzz-tools-8.3.0-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-tools-8.3.0-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "harfbuzz-tools-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.aarch64"
},
"product_reference": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.ppc64le"
},
"product_reference": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.s390x"
},
"product_reference": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz-cairo0-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-32bit-8.3.0-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-cairo0-32bit-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz-cairo0-32bit-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.aarch64"
},
"product_reference": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.ppc64le"
},
"product_reference": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.s390x"
},
"product_reference": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz-gobject0-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-32bit-8.3.0-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-gobject0-32bit-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz-gobject0-32bit-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.aarch64"
},
"product_reference": "libharfbuzz-icu0-8.3.0-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.ppc64le"
},
"product_reference": "libharfbuzz-icu0-8.3.0-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.s390x"
},
"product_reference": "libharfbuzz-icu0-8.3.0-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-8.3.0-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz-icu0-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-32bit-8.3.0-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-icu0-32bit-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz-icu0-32bit-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.aarch64"
},
"product_reference": "libharfbuzz-subset0-8.3.0-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.ppc64le"
},
"product_reference": "libharfbuzz-subset0-8.3.0-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.s390x"
},
"product_reference": "libharfbuzz-subset0-8.3.0-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-8.3.0-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz-subset0-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-32bit-8.3.0-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz-subset0-32bit-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz-subset0-32bit-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-8.3.0-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.aarch64"
},
"product_reference": "libharfbuzz0-8.3.0-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-8.3.0-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.ppc64le"
},
"product_reference": "libharfbuzz0-8.3.0-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-8.3.0-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.s390x"
},
"product_reference": "libharfbuzz0-8.3.0-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-8.3.0-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz0-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-32bit-8.3.0-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libharfbuzz0-32bit-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "libharfbuzz0-32bit-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.aarch64"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.ppc64le"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.s390x"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.x86_64"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-22693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22693"
}
],
"notes": [
{
"category": "general",
"text": "HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault. This issue has been patched in version 12.3.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-32bit-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-cairo0-32bit-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-gobject0-32bit-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-icu0-32bit-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-subset0-32bit-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz0-32bit-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22693",
"url": "https://www.suse.com/security/cve/CVE-2026-22693"
},
{
"category": "external",
"summary": "SUSE Bug 1256459 for CVE-2026-22693",
"url": "https://bugzilla.suse.com/1256459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-32bit-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-cairo0-32bit-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-gobject0-32bit-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-icu0-32bit-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-subset0-32bit-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz0-32bit-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:harfbuzz-devel-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-cairo0-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-gobject0-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-icu0-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz-subset0-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-32bit-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libharfbuzz0-8.3.0-150600.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:harfbuzz-devel-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:harfbuzz-tools-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-cairo0-32bit-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:libharfbuzz-cairo0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-gobject0-32bit-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:libharfbuzz-gobject0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-icu0-32bit-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:libharfbuzz-icu0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-subset0-32bit-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:libharfbuzz-subset0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz0-32bit-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:libharfbuzz0-8.3.0-150600.3.3.1.x86_64",
"openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.aarch64",
"openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.ppc64le",
"openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.s390x",
"openSUSE Leap 15.6:typelib-1_0-HarfBuzz-0_0-8.3.0-150600.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-23T23:35:49Z",
"details": "moderate"
}
],
"title": "CVE-2026-22693"
}
]
}
SUSE-SU-2026:20762-1
Vulnerability from csaf_suse - Published: 2026-03-20 15:24 - Updated: 2026-03-20 15:24Summary
Security update for harfbuzz
Severity
Moderate
Notes
Title of the patch: Security update for harfbuzz
Description of the patch: This update for harfbuzz fixes the following issues:
Update to version 11.4.5:
Security fixes:
- CVE-2026-22693: Fixed a NULL pointer dereference in SubtableUnicodesCache::create (bsc#1256459).
Other fixes:
- Bug fixes for “AAT” shaping, and other shaping micro
optimizations.
- Fix a shaping regression affecting mark glyphs in certain
fonts.
- Fix pruning of mark filtering sets when subsetting fonts, which
caused changes in shaping behaviour.
- Make shaping fail much faster for certain malformed fonts
(e.g., those that trigger infinite recursion).
- Fix undefined behaviour introduced in 11.4.2.
- Fix detection of the “Cambria Math” font when fonts are scaled,
so the workaround for the bad MATH table constant is applied.
- Various performance and memory usage improvements.
- The hb-shape command line tool can now be built with the
amalgamated harfbuzz.cc source.
- Fix regression in handling version 2 of avar table.
- Increase various buffer length limits for better handling of
fonts that generate huge number of glyphs per codepoint (e.g.
Noto Sans Duployan).
- Improvements to the harfrust shaper for more accurate testing.
- Fix clang compiler warnings.
- General shaping and subsetting speedups.
- Fix in Graphite shaping backend when glyph advances became
negative.
- Subsetting improvements, pruning empty mark-attachment lookups.
- Don't use the macro name _S, which is reserved by system
liberaries.
- Build fixes and speedup.
- Add a kbts shaping backend that calls into the kb_text_shape
single-header shaping library. This is purely for testing and
performance evaluation and we do NOT recommend using it for any
other purposes.
- Fix bug in vertical shaping of fonts without the vmtx table.
- Fix build with non-compliant C++11 compilers that don't
recognize the "and" keyword.
- Fix crasher in the glyph_v_origin function introduced in
11.3.0.
- Speed up handling fonts with very large number of variations.
- Speed up getting horizontal and vertical glyph advances by up
to 24%.
- Significantly speed up vertical text shaping.
- Various documentation improvements.
- Various build improvements.
- Various subsetting improvements.
- Various improvements to Rust font functions (fontations
integration) and shaper (HarfRust integration).
- Rename harfruzz option and shaper to harfrust following
upstream rename.
- Implement hb_face_reference_blob() for DirectWrite font
functions.
- Various build improvements.
- Fix build with HB_NO_DRAW and HB_NO_PAINT.
- Add an optional harfruzz shaper that uses HarfRuzz; an ongoing
Rust port of HarfBuzz shaping. This shaper is mainly used for
testing the output of the Rust implementation.
- Fix regression that caused applying unsafe_to_break() to the
whole buffer to be ignored.
- Update USE data files.
- Fix getting advances of out-of-rage glyph indices in
DirectWrite font functions.
- Painting of COLRv1 fonts without clip boxes is now about 10
times faster.
- Synthetic bold/slant of a sub font is now respected, instead of
using the parent’s.
- Glyph extents for fonts synthetic bold/slant are now accurately
calculated.
- Various build fixes.
- Include bidi mirroring variants of the requested codepoints
when subsetting. The new HB_SUBSET_FLAGS_NO_BIDI_CLOSURE can be
used to disable this behaviour.
- Various bug fixes.
- Various build fixes and improvements.
- Various test suite improvements.
- The change in version 10.3.0 to apply “trak” table tracking
values to glyph advances directly has been reverted as it
required every font functions implementation to handle it,
which breaks existing custom font functions. Tracking is
instead back to being applied during shaping.
- When directwrite integration is enabled, we now link to
dwrite.dll instead of dynamically loading it.
- A new experimental APIs for getting raw “CFF” and “CFF2”
CharStrings.
- We now provide manpages for the various command line utilities.
Building manpages requires “help2man” and will be skipped if it
is not present.
- The command line utilities now set different return value for
different kinds of failures. Details are provided in the
manpages.
- Various fixes and improvements to fontations font functions.
- All shaping operations using the ot shaper have become memory
allocation-free.
- Glyph extents returned by hb-ot and hb-ft font functions are
now rounded in stead of flooring/ceiling them, which also
matches what other font libraries do.
- Fix “AAT” deleted glyph marks interfering with fallback mark
positioning.
- Glyph outlines emboldening have been moved out of hb-ot and
hb-ft font functions to the HarfBuzz font layer, so that it
works with any font functions implementation.
- Fix our fallback C++11 atomics integration, which seems to not
be widely used.
- Various testing fixes and improvements.
- Various subsetting fixes and improvements.
- Various other fixes and improvements.
Patchnames: SUSE-SL-Micro-6.2-423
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for harfbuzz",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for harfbuzz fixes the following issues:\n\nUpdate to version 11.4.5:\n\nSecurity fixes:\n\n - CVE-2026-22693: Fixed a NULL pointer dereference in SubtableUnicodesCache::create (bsc#1256459).\n\nOther fixes:\n\n - Bug fixes for \u201cAAT\u201d shaping, and other shaping micro\n optimizations.\n - Fix a shaping regression affecting mark glyphs in certain\n fonts.\n - Fix pruning of mark filtering sets when subsetting fonts, which\n caused changes in shaping behaviour.\n - Make shaping fail much faster for certain malformed fonts\n (e.g., those that trigger infinite recursion).\n - Fix undefined behaviour introduced in 11.4.2.\n - Fix detection of the \u201cCambria Math\u201d font when fonts are scaled,\n so the workaround for the bad MATH table constant is applied.\n - Various performance and memory usage improvements.\n - The hb-shape command line tool can now be built with the\n amalgamated harfbuzz.cc source.\n - Fix regression in handling version 2 of avar table.\n - Increase various buffer length limits for better handling of\n fonts that generate huge number of glyphs per codepoint (e.g.\n Noto Sans Duployan).\n - Improvements to the harfrust shaper for more accurate testing.\n - Fix clang compiler warnings.\n - General shaping and subsetting speedups.\n - Fix in Graphite shaping backend when glyph advances became\n negative.\n - Subsetting improvements, pruning empty mark-attachment lookups.\n - Don\u0027t use the macro name _S, which is reserved by system\n liberaries.\n - Build fixes and speedup.\n - Add a kbts shaping backend that calls into the kb_text_shape\n single-header shaping library. This is purely for testing and\n performance evaluation and we do NOT recommend using it for any\n other purposes.\n - Fix bug in vertical shaping of fonts without the vmtx table.\n - Fix build with non-compliant C++11 compilers that don\u0027t\n recognize the \"and\" keyword.\n - Fix crasher in the glyph_v_origin function introduced in\n 11.3.0.\n - Speed up handling fonts with very large number of variations.\n - Speed up getting horizontal and vertical glyph advances by up\n to 24%.\n - Significantly speed up vertical text shaping.\n - Various documentation improvements.\n - Various build improvements.\n - Various subsetting improvements.\n - Various improvements to Rust font functions (fontations\n integration) and shaper (HarfRust integration).\n - Rename harfruzz option and shaper to harfrust following\n upstream rename.\n - Implement hb_face_reference_blob() for DirectWrite font\n functions.\n - Various build improvements.\n - Fix build with HB_NO_DRAW and HB_NO_PAINT.\n - Add an optional harfruzz shaper that uses HarfRuzz; an ongoing\n Rust port of HarfBuzz shaping. This shaper is mainly used for\n testing the output of the Rust implementation.\n - Fix regression that caused applying unsafe_to_break() to the\n whole buffer to be ignored.\n - Update USE data files.\n - Fix getting advances of out-of-rage glyph indices in\n DirectWrite font functions.\n - Painting of COLRv1 fonts without clip boxes is now about 10\n times faster.\n - Synthetic bold/slant of a sub font is now respected, instead of\n using the parent\u2019s.\n - Glyph extents for fonts synthetic bold/slant are now accurately\n calculated.\n - Various build fixes.\n - Include bidi mirroring variants of the requested codepoints\n when subsetting. The new HB_SUBSET_FLAGS_NO_BIDI_CLOSURE can be\n used to disable this behaviour.\n - Various bug fixes.\n - Various build fixes and improvements.\n - Various test suite improvements.\n - The change in version 10.3.0 to apply \u201ctrak\u201d table tracking\n values to glyph advances directly has been reverted as it\n required every font functions implementation to handle it,\n which breaks existing custom font functions. Tracking is\n instead back to being applied during shaping.\n - When directwrite integration is enabled, we now link to\n dwrite.dll instead of dynamically loading it.\n - A new experimental APIs for getting raw \u201cCFF\u201d and \u201cCFF2\u201d\n CharStrings.\n - We now provide manpages for the various command line utilities.\n Building manpages requires \u201chelp2man\u201d and will be skipped if it\n is not present.\n - The command line utilities now set different return value for\n different kinds of failures. Details are provided in the\n manpages.\n - Various fixes and improvements to fontations font functions.\n - All shaping operations using the ot shaper have become memory\n allocation-free.\n - Glyph extents returned by hb-ot and hb-ft font functions are\n now rounded in stead of flooring/ceiling them, which also\n matches what other font libraries do.\n - Fix \u201cAAT\u201d deleted glyph marks interfering with fallback mark\n positioning.\n - Glyph outlines emboldening have been moved out of hb-ot and\n hb-ft font functions to the HarfBuzz font layer, so that it\n works with any font functions implementation.\n - Fix our fallback C++11 atomics integration, which seems to not\n be widely used.\n - Various testing fixes and improvements.\n - Various subsetting fixes and improvements.\n - Various other fixes and improvements.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-423",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20762-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20762-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620762-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20762-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024824.html"
},
{
"category": "self",
"summary": "SUSE Bug 1256459",
"url": "https://bugzilla.suse.com/1256459"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22693 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22693/"
}
],
"title": "Security update for harfbuzz",
"tracking": {
"current_release_date": "2026-03-20T15:24:11Z",
"generator": {
"date": "2026-03-20T15:24:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20762-1",
"initial_release_date": "2026-03-20T15:24:11Z",
"revision_history": [
{
"date": "2026-03-20T15:24:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libharfbuzz-gobject0-11.4.5-160000.1.1.aarch64",
"product": {
"name": "libharfbuzz-gobject0-11.4.5-160000.1.1.aarch64",
"product_id": "libharfbuzz-gobject0-11.4.5-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-11.4.5-160000.1.1.aarch64",
"product": {
"name": "libharfbuzz0-11.4.5-160000.1.1.aarch64",
"product_id": "libharfbuzz0-11.4.5-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.aarch64",
"product": {
"name": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.aarch64",
"product_id": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libharfbuzz-gobject0-11.4.5-160000.1.1.ppc64le",
"product": {
"name": "libharfbuzz-gobject0-11.4.5-160000.1.1.ppc64le",
"product_id": "libharfbuzz-gobject0-11.4.5-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-11.4.5-160000.1.1.ppc64le",
"product": {
"name": "libharfbuzz0-11.4.5-160000.1.1.ppc64le",
"product_id": "libharfbuzz0-11.4.5-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.ppc64le",
"product": {
"name": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.ppc64le",
"product_id": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libharfbuzz-gobject0-11.4.5-160000.1.1.s390x",
"product": {
"name": "libharfbuzz-gobject0-11.4.5-160000.1.1.s390x",
"product_id": "libharfbuzz-gobject0-11.4.5-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-11.4.5-160000.1.1.s390x",
"product": {
"name": "libharfbuzz0-11.4.5-160000.1.1.s390x",
"product_id": "libharfbuzz0-11.4.5-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.s390x",
"product": {
"name": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.s390x",
"product_id": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libharfbuzz-gobject0-11.4.5-160000.1.1.x86_64",
"product": {
"name": "libharfbuzz-gobject0-11.4.5-160000.1.1.x86_64",
"product_id": "libharfbuzz-gobject0-11.4.5-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-11.4.5-160000.1.1.x86_64",
"product": {
"name": "libharfbuzz0-11.4.5-160000.1.1.x86_64",
"product_id": "libharfbuzz0-11.4.5-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.x86_64",
"product": {
"name": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.x86_64",
"product_id": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:transactional"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-11.4.5-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.aarch64"
},
"product_reference": "libharfbuzz-gobject0-11.4.5-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-11.4.5-160000.1.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.ppc64le"
},
"product_reference": "libharfbuzz-gobject0-11.4.5-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-11.4.5-160000.1.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.s390x"
},
"product_reference": "libharfbuzz-gobject0-11.4.5-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-11.4.5-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.x86_64"
},
"product_reference": "libharfbuzz-gobject0-11.4.5-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-11.4.5-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.aarch64"
},
"product_reference": "libharfbuzz0-11.4.5-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-11.4.5-160000.1.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.ppc64le"
},
"product_reference": "libharfbuzz0-11.4.5-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-11.4.5-160000.1.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.s390x"
},
"product_reference": "libharfbuzz0-11.4.5-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-11.4.5-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.x86_64"
},
"product_reference": "libharfbuzz0-11.4.5-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.aarch64"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.ppc64le"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.s390x"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.x86_64"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-22693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22693"
}
],
"notes": [
{
"category": "general",
"text": "HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault. This issue has been patched in version 12.3.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.s390x",
"SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22693",
"url": "https://www.suse.com/security/cve/CVE-2026-22693"
},
{
"category": "external",
"summary": "SUSE Bug 1256459 for CVE-2026-22693",
"url": "https://bugzilla.suse.com/1256459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.s390x",
"SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libharfbuzz-gobject0-11.4.5-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.s390x",
"SUSE Linux Micro 6.2:libharfbuzz0-11.4.5-160000.1.1.x86_64",
"SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.s390x",
"SUSE Linux Micro 6.2:typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-20T15:24:11Z",
"details": "moderate"
}
],
"title": "CVE-2026-22693"
}
]
}
FKIE_CVE-2026-22693
Vulnerability from fkie_nvd - Published: 2026-01-10 06:15 - Updated: 2026-02-18 17:49
Severity ?
Summary
HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault. This issue has been patched in version 12.3.0.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae | Patch | |
| security-advisories@github.com | https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-xvjr-f2r9-c7ww | Exploit, Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2026/01/11/1 | Exploit, Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2026/01/12/1 | Exploit, Mailing List, Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| harfbuzz_project | harfbuzz | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:harfbuzz_project:harfbuzz:*:*:*:*:*:*:*:*",
"matchCriteriaId": "394555F9-FE83-460B-B30E-11AFE2B9C748",
"versionEndExcluding": "12.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault. This issue has been patched in version 12.3.0."
}
],
"id": "CVE-2026-22693",
"lastModified": "2026-02-18T17:49:22.590",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2026-01-10T06:15:52.063",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-xvjr-f2r9-c7ww"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2026/01/11/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2026/01/12/1"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
OPENSUSE-SU-2026:10065-1
Vulnerability from csaf_opensuse - Published: 2026-01-18 00:00 - Updated: 2026-01-18 00:00Summary
harfbuzz-devel-12.3.0-2.1 on GA media
Severity
Moderate
Notes
Title of the patch: harfbuzz-devel-12.3.0-2.1 on GA media
Description of the patch: These are all security issues fixed in the harfbuzz-devel-12.3.0-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10065
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "harfbuzz-devel-12.3.0-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the harfbuzz-devel-12.3.0-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10065",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10065-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-22693 page",
"url": "https://www.suse.com/security/cve/CVE-2026-22693/"
}
],
"title": "harfbuzz-devel-12.3.0-2.1 on GA media",
"tracking": {
"current_release_date": "2026-01-18T00:00:00Z",
"generator": {
"date": "2026-01-18T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10065-1",
"initial_release_date": "2026-01-18T00:00:00Z",
"revision_history": [
{
"date": "2026-01-18T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "harfbuzz-devel-12.3.0-2.1.aarch64",
"product": {
"name": "harfbuzz-devel-12.3.0-2.1.aarch64",
"product_id": "harfbuzz-devel-12.3.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "harfbuzz-tools-12.3.0-2.1.aarch64",
"product": {
"name": "harfbuzz-tools-12.3.0-2.1.aarch64",
"product_id": "harfbuzz-tools-12.3.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-cairo0-12.3.0-2.1.aarch64",
"product": {
"name": "libharfbuzz-cairo0-12.3.0-2.1.aarch64",
"product_id": "libharfbuzz-cairo0-12.3.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-cairo0-32bit-12.3.0-2.1.aarch64",
"product": {
"name": "libharfbuzz-cairo0-32bit-12.3.0-2.1.aarch64",
"product_id": "libharfbuzz-cairo0-32bit-12.3.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-gobject0-12.3.0-2.1.aarch64",
"product": {
"name": "libharfbuzz-gobject0-12.3.0-2.1.aarch64",
"product_id": "libharfbuzz-gobject0-12.3.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-gobject0-32bit-12.3.0-2.1.aarch64",
"product": {
"name": "libharfbuzz-gobject0-32bit-12.3.0-2.1.aarch64",
"product_id": "libharfbuzz-gobject0-32bit-12.3.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-icu0-12.3.0-2.1.aarch64",
"product": {
"name": "libharfbuzz-icu0-12.3.0-2.1.aarch64",
"product_id": "libharfbuzz-icu0-12.3.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-icu0-32bit-12.3.0-2.1.aarch64",
"product": {
"name": "libharfbuzz-icu0-32bit-12.3.0-2.1.aarch64",
"product_id": "libharfbuzz-icu0-32bit-12.3.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-subset0-12.3.0-2.1.aarch64",
"product": {
"name": "libharfbuzz-subset0-12.3.0-2.1.aarch64",
"product_id": "libharfbuzz-subset0-12.3.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-subset0-32bit-12.3.0-2.1.aarch64",
"product": {
"name": "libharfbuzz-subset0-32bit-12.3.0-2.1.aarch64",
"product_id": "libharfbuzz-subset0-32bit-12.3.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-12.3.0-2.1.aarch64",
"product": {
"name": "libharfbuzz0-12.3.0-2.1.aarch64",
"product_id": "libharfbuzz0-12.3.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-32bit-12.3.0-2.1.aarch64",
"product": {
"name": "libharfbuzz0-32bit-12.3.0-2.1.aarch64",
"product_id": "libharfbuzz0-32bit-12.3.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.aarch64",
"product": {
"name": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.aarch64",
"product_id": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "harfbuzz-devel-12.3.0-2.1.ppc64le",
"product": {
"name": "harfbuzz-devel-12.3.0-2.1.ppc64le",
"product_id": "harfbuzz-devel-12.3.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "harfbuzz-tools-12.3.0-2.1.ppc64le",
"product": {
"name": "harfbuzz-tools-12.3.0-2.1.ppc64le",
"product_id": "harfbuzz-tools-12.3.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz-cairo0-12.3.0-2.1.ppc64le",
"product": {
"name": "libharfbuzz-cairo0-12.3.0-2.1.ppc64le",
"product_id": "libharfbuzz-cairo0-12.3.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz-cairo0-32bit-12.3.0-2.1.ppc64le",
"product": {
"name": "libharfbuzz-cairo0-32bit-12.3.0-2.1.ppc64le",
"product_id": "libharfbuzz-cairo0-32bit-12.3.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz-gobject0-12.3.0-2.1.ppc64le",
"product": {
"name": "libharfbuzz-gobject0-12.3.0-2.1.ppc64le",
"product_id": "libharfbuzz-gobject0-12.3.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz-gobject0-32bit-12.3.0-2.1.ppc64le",
"product": {
"name": "libharfbuzz-gobject0-32bit-12.3.0-2.1.ppc64le",
"product_id": "libharfbuzz-gobject0-32bit-12.3.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz-icu0-12.3.0-2.1.ppc64le",
"product": {
"name": "libharfbuzz-icu0-12.3.0-2.1.ppc64le",
"product_id": "libharfbuzz-icu0-12.3.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz-icu0-32bit-12.3.0-2.1.ppc64le",
"product": {
"name": "libharfbuzz-icu0-32bit-12.3.0-2.1.ppc64le",
"product_id": "libharfbuzz-icu0-32bit-12.3.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz-subset0-12.3.0-2.1.ppc64le",
"product": {
"name": "libharfbuzz-subset0-12.3.0-2.1.ppc64le",
"product_id": "libharfbuzz-subset0-12.3.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz-subset0-32bit-12.3.0-2.1.ppc64le",
"product": {
"name": "libharfbuzz-subset0-32bit-12.3.0-2.1.ppc64le",
"product_id": "libharfbuzz-subset0-32bit-12.3.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-12.3.0-2.1.ppc64le",
"product": {
"name": "libharfbuzz0-12.3.0-2.1.ppc64le",
"product_id": "libharfbuzz0-12.3.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-32bit-12.3.0-2.1.ppc64le",
"product": {
"name": "libharfbuzz0-32bit-12.3.0-2.1.ppc64le",
"product_id": "libharfbuzz0-32bit-12.3.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.ppc64le",
"product": {
"name": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.ppc64le",
"product_id": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "harfbuzz-devel-12.3.0-2.1.s390x",
"product": {
"name": "harfbuzz-devel-12.3.0-2.1.s390x",
"product_id": "harfbuzz-devel-12.3.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "harfbuzz-tools-12.3.0-2.1.s390x",
"product": {
"name": "harfbuzz-tools-12.3.0-2.1.s390x",
"product_id": "harfbuzz-tools-12.3.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz-cairo0-12.3.0-2.1.s390x",
"product": {
"name": "libharfbuzz-cairo0-12.3.0-2.1.s390x",
"product_id": "libharfbuzz-cairo0-12.3.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz-cairo0-32bit-12.3.0-2.1.s390x",
"product": {
"name": "libharfbuzz-cairo0-32bit-12.3.0-2.1.s390x",
"product_id": "libharfbuzz-cairo0-32bit-12.3.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz-gobject0-12.3.0-2.1.s390x",
"product": {
"name": "libharfbuzz-gobject0-12.3.0-2.1.s390x",
"product_id": "libharfbuzz-gobject0-12.3.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz-gobject0-32bit-12.3.0-2.1.s390x",
"product": {
"name": "libharfbuzz-gobject0-32bit-12.3.0-2.1.s390x",
"product_id": "libharfbuzz-gobject0-32bit-12.3.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz-icu0-12.3.0-2.1.s390x",
"product": {
"name": "libharfbuzz-icu0-12.3.0-2.1.s390x",
"product_id": "libharfbuzz-icu0-12.3.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz-icu0-32bit-12.3.0-2.1.s390x",
"product": {
"name": "libharfbuzz-icu0-32bit-12.3.0-2.1.s390x",
"product_id": "libharfbuzz-icu0-32bit-12.3.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz-subset0-12.3.0-2.1.s390x",
"product": {
"name": "libharfbuzz-subset0-12.3.0-2.1.s390x",
"product_id": "libharfbuzz-subset0-12.3.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz-subset0-32bit-12.3.0-2.1.s390x",
"product": {
"name": "libharfbuzz-subset0-32bit-12.3.0-2.1.s390x",
"product_id": "libharfbuzz-subset0-32bit-12.3.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-12.3.0-2.1.s390x",
"product": {
"name": "libharfbuzz0-12.3.0-2.1.s390x",
"product_id": "libharfbuzz0-12.3.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-32bit-12.3.0-2.1.s390x",
"product": {
"name": "libharfbuzz0-32bit-12.3.0-2.1.s390x",
"product_id": "libharfbuzz0-32bit-12.3.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.s390x",
"product": {
"name": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.s390x",
"product_id": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "harfbuzz-devel-12.3.0-2.1.x86_64",
"product": {
"name": "harfbuzz-devel-12.3.0-2.1.x86_64",
"product_id": "harfbuzz-devel-12.3.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "harfbuzz-tools-12.3.0-2.1.x86_64",
"product": {
"name": "harfbuzz-tools-12.3.0-2.1.x86_64",
"product_id": "harfbuzz-tools-12.3.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-cairo0-12.3.0-2.1.x86_64",
"product": {
"name": "libharfbuzz-cairo0-12.3.0-2.1.x86_64",
"product_id": "libharfbuzz-cairo0-12.3.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-cairo0-32bit-12.3.0-2.1.x86_64",
"product": {
"name": "libharfbuzz-cairo0-32bit-12.3.0-2.1.x86_64",
"product_id": "libharfbuzz-cairo0-32bit-12.3.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-gobject0-12.3.0-2.1.x86_64",
"product": {
"name": "libharfbuzz-gobject0-12.3.0-2.1.x86_64",
"product_id": "libharfbuzz-gobject0-12.3.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-gobject0-32bit-12.3.0-2.1.x86_64",
"product": {
"name": "libharfbuzz-gobject0-32bit-12.3.0-2.1.x86_64",
"product_id": "libharfbuzz-gobject0-32bit-12.3.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-icu0-12.3.0-2.1.x86_64",
"product": {
"name": "libharfbuzz-icu0-12.3.0-2.1.x86_64",
"product_id": "libharfbuzz-icu0-12.3.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-icu0-32bit-12.3.0-2.1.x86_64",
"product": {
"name": "libharfbuzz-icu0-32bit-12.3.0-2.1.x86_64",
"product_id": "libharfbuzz-icu0-32bit-12.3.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-subset0-12.3.0-2.1.x86_64",
"product": {
"name": "libharfbuzz-subset0-12.3.0-2.1.x86_64",
"product_id": "libharfbuzz-subset0-12.3.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz-subset0-32bit-12.3.0-2.1.x86_64",
"product": {
"name": "libharfbuzz-subset0-32bit-12.3.0-2.1.x86_64",
"product_id": "libharfbuzz-subset0-32bit-12.3.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-12.3.0-2.1.x86_64",
"product": {
"name": "libharfbuzz0-12.3.0-2.1.x86_64",
"product_id": "libharfbuzz0-12.3.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libharfbuzz0-32bit-12.3.0-2.1.x86_64",
"product": {
"name": "libharfbuzz0-32bit-12.3.0-2.1.x86_64",
"product_id": "libharfbuzz0-32bit-12.3.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.x86_64",
"product": {
"name": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.x86_64",
"product_id": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-devel-12.3.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.aarch64"
},
"product_reference": "harfbuzz-devel-12.3.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-devel-12.3.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.ppc64le"
},
"product_reference": "harfbuzz-devel-12.3.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-devel-12.3.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.s390x"
},
"product_reference": "harfbuzz-devel-12.3.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-devel-12.3.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.x86_64"
},
"product_reference": "harfbuzz-devel-12.3.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-tools-12.3.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.aarch64"
},
"product_reference": "harfbuzz-tools-12.3.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-tools-12.3.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.ppc64le"
},
"product_reference": "harfbuzz-tools-12.3.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-tools-12.3.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.s390x"
},
"product_reference": "harfbuzz-tools-12.3.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "harfbuzz-tools-12.3.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.x86_64"
},
"product_reference": "harfbuzz-tools-12.3.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-12.3.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.aarch64"
},
"product_reference": "libharfbuzz-cairo0-12.3.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-12.3.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.ppc64le"
},
"product_reference": "libharfbuzz-cairo0-12.3.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-12.3.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.s390x"
},
"product_reference": "libharfbuzz-cairo0-12.3.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-12.3.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.x86_64"
},
"product_reference": "libharfbuzz-cairo0-12.3.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-32bit-12.3.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.aarch64"
},
"product_reference": "libharfbuzz-cairo0-32bit-12.3.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-32bit-12.3.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.ppc64le"
},
"product_reference": "libharfbuzz-cairo0-32bit-12.3.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-32bit-12.3.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.s390x"
},
"product_reference": "libharfbuzz-cairo0-32bit-12.3.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-cairo0-32bit-12.3.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.x86_64"
},
"product_reference": "libharfbuzz-cairo0-32bit-12.3.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-12.3.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.aarch64"
},
"product_reference": "libharfbuzz-gobject0-12.3.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-12.3.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.ppc64le"
},
"product_reference": "libharfbuzz-gobject0-12.3.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-12.3.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.s390x"
},
"product_reference": "libharfbuzz-gobject0-12.3.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-12.3.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.x86_64"
},
"product_reference": "libharfbuzz-gobject0-12.3.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-32bit-12.3.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.aarch64"
},
"product_reference": "libharfbuzz-gobject0-32bit-12.3.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-32bit-12.3.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.ppc64le"
},
"product_reference": "libharfbuzz-gobject0-32bit-12.3.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-32bit-12.3.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.s390x"
},
"product_reference": "libharfbuzz-gobject0-32bit-12.3.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-gobject0-32bit-12.3.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.x86_64"
},
"product_reference": "libharfbuzz-gobject0-32bit-12.3.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-12.3.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.aarch64"
},
"product_reference": "libharfbuzz-icu0-12.3.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-12.3.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.ppc64le"
},
"product_reference": "libharfbuzz-icu0-12.3.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-12.3.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.s390x"
},
"product_reference": "libharfbuzz-icu0-12.3.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-12.3.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.x86_64"
},
"product_reference": "libharfbuzz-icu0-12.3.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-32bit-12.3.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.aarch64"
},
"product_reference": "libharfbuzz-icu0-32bit-12.3.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-32bit-12.3.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.ppc64le"
},
"product_reference": "libharfbuzz-icu0-32bit-12.3.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-32bit-12.3.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.s390x"
},
"product_reference": "libharfbuzz-icu0-32bit-12.3.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-icu0-32bit-12.3.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.x86_64"
},
"product_reference": "libharfbuzz-icu0-32bit-12.3.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-12.3.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.aarch64"
},
"product_reference": "libharfbuzz-subset0-12.3.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-12.3.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.ppc64le"
},
"product_reference": "libharfbuzz-subset0-12.3.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-12.3.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.s390x"
},
"product_reference": "libharfbuzz-subset0-12.3.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-12.3.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.x86_64"
},
"product_reference": "libharfbuzz-subset0-12.3.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-32bit-12.3.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.aarch64"
},
"product_reference": "libharfbuzz-subset0-32bit-12.3.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-32bit-12.3.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.ppc64le"
},
"product_reference": "libharfbuzz-subset0-32bit-12.3.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-32bit-12.3.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.s390x"
},
"product_reference": "libharfbuzz-subset0-32bit-12.3.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz-subset0-32bit-12.3.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.x86_64"
},
"product_reference": "libharfbuzz-subset0-32bit-12.3.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-12.3.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.aarch64"
},
"product_reference": "libharfbuzz0-12.3.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-12.3.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.ppc64le"
},
"product_reference": "libharfbuzz0-12.3.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-12.3.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.s390x"
},
"product_reference": "libharfbuzz0-12.3.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-12.3.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.x86_64"
},
"product_reference": "libharfbuzz0-12.3.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-32bit-12.3.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.aarch64"
},
"product_reference": "libharfbuzz0-32bit-12.3.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-32bit-12.3.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.ppc64le"
},
"product_reference": "libharfbuzz0-32bit-12.3.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-32bit-12.3.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.s390x"
},
"product_reference": "libharfbuzz0-32bit-12.3.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libharfbuzz0-32bit-12.3.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.x86_64"
},
"product_reference": "libharfbuzz0-32bit-12.3.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.aarch64"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.ppc64le"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.s390x"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.x86_64"
},
"product_reference": "typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-22693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-22693"
}
],
"notes": [
{
"category": "general",
"text": "HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault. This issue has been patched in version 12.3.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-22693",
"url": "https://www.suse.com/security/cve/CVE-2026-22693"
},
{
"category": "external",
"summary": "SUSE Bug 1256459 for CVE-2026-22693",
"url": "https://bugzilla.suse.com/1256459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:harfbuzz-devel-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:harfbuzz-tools-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-cairo0-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-cairo0-32bit-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-gobject0-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-gobject0-32bit-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-icu0-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-icu0-32bit-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-subset0-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz-subset0-32bit-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz0-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:libharfbuzz0-32bit-12.3.0-2.1.x86_64",
"openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.aarch64",
"openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.ppc64le",
"openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.s390x",
"openSUSE Tumbleweed:typelib-1_0-HarfBuzz-0_0-12.3.0-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-18T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-22693"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…