Alex Murray discovered a stack-based buffer overflow vulnerability in
fribidi, an implementation of the Unicode Bidirectional Algorithm
algorithm, which could result in denial of service or potentially the
execution of arbitrary code, when processing a large number of unicode
isolate directional characters.
For the stable distribution (buster), this problem has been fixed in
We recommend that you upgrade your fribidi packages.