Vulnerability In Font Processing Library Affects Linux, OpenOffice, Firefox

An anonymous reader writes: If an application can embed fonts with special characters, then it's probably using the Graphite font processing library. This library has several security issues which an attacker can leverage to take control of your OS via remote code execution scenarios. The simple attack would be to deliver a malicious font via a Web page's CSS. The malformed font loads in Firefox, triggers the RCE exploit, and voila, your PC has a hole inside through which malware can creep in.

Re:Another buffer overflow

I get that you clearly have an axe to grind about Rust for some reason, but you have not explained why it isn't viable. It's impossible to take you seriously when you make empty claims about Servo "going nowhere" when components written in Rust for Servo are being added to Firefox as we speak, or that Rust's syntax is "a step backward" from the likes of C++ or PHP, or argue that you might as well use C++ instead, despite the fact that C++ offers too many convenient footguns to make such a thing viable without expensive static analysis tools to make sure you aren't screwing up... which Rust offers built-in as part of the compilation process.

It honestly sounds like you're just unwilling to acknowledge Rust because Mozilla did something to piss you off. Maybe they removed a feature from Firefox you don't like, or maybe you just think they should have pushed Rust out the door faster than any other advanced language, or maybe you just don't like some people working on Rust or at Mozilla. At any rate, you are doing a piss poor job of convincing anybody as to what Rust's actual flaws are. The standard library not being as mature as the ones in older languages? That's really the only substantive thing you've mentioned here that doesn't smack of petty sensationalism.