There is 1 open security issue in bookworm.
1 issue left for the package maintainer to handle:
- CVE-2023-25193:
(needs triaging)
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
You can find information about how to handle this issue in the security team's documentation.