<div class="container">
    <h1>Security update for harfbuzz</h1>

    <table class="table table-striped table-bordered">
        <tbody>
        <tr>
            <th>Announcement ID:</th>
            <td>SUSE-SU-2026:20762-1</td>
        </tr>
        <tr>
            <th>Release Date:</th>
            <td>2026-03-20T15:28:08Z</td>
        </tr>
        
        <tr>
            <th>Rating:</th>
            <td>moderate</td>
        </tr>
        <tr>
            <th>References:</th>
            <td>
                <ul>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1256459">bsc#1256459</a>
                        </li>
                    
                    
                </ul>
            </td>
        </tr>
        
            <tr>
                <th>
                    Cross-References:
                </th>
                <td>
                    <ul>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2026-22693.html">CVE-2026-22693</a>
                        </li>
                    
                    </ul>
                </td>
            </tr>
            <tr>
                <th>CVSS scores:</th>
                <td>
                    <ul class="list-group">
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2026-22693</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">6.9</span>
                                <span class="cvss-vector">CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2026-22693</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">5.3</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2026-22693</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">5.3</span>
                                <span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L</span>
                            </li>
                        
                    </ul>
                </td>
            </tr>
        
        <tr>
            <th>Affected Products:</th>
            <td>
                <ul class="list-group">
                    
                        <li class="list-group-item">SUSE Linux Micro 6.2</li>
                    
                </ul>
            </td>
        </tr>
        </tbody>
    </table>

    <p>An update that solves one vulnerability can now be installed.</p>

    


    
        <h2>Description:</h2>
    
    <p>This update for harfbuzz fixes the following issues:</p>
<p>Update to version 11.4.5:</p>
<p>Security fixes:</p>
<ul>
<li>CVE-2026-22693: Fixed a NULL pointer dereference in SubtableUnicodesCache::create (bsc#1256459).</li>
</ul>
<p>Other fixes:</p>
<ul>
<li>Bug fixes for “AAT” shaping, and other shaping micro
    optimizations.</li>
<li>Fix a shaping regression affecting mark glyphs in certain
    fonts.</li>
<li>Fix pruning of mark filtering sets when subsetting fonts, which
    caused changes in shaping behaviour.</li>
<li>Make shaping fail much faster for certain malformed fonts
    (e.g., those that trigger infinite recursion).</li>
<li>Fix undefined behaviour introduced in 11.4.2.</li>
<li>Fix detection of the “Cambria Math” font when fonts are scaled,
    so the workaround for the bad MATH table constant is applied.</li>
<li>Various performance and memory usage improvements.</li>
<li>The hb-shape command line tool can now be built with the
    amalgamated harfbuzz.cc source.</li>
<li>Fix regression in handling version 2 of avar table.</li>
<li>Increase various buffer length limits for better handling of
    fonts that generate a huge number of glyphs per codepoint (e.g.
    Noto Sans Duployan).</li>
<li>Improvements to the harfrust shaper for more accurate testing.</li>
<li>Fix clang compiler warnings.</li>
<li>General shaping and subsetting speedups.</li>
<li>Fix in Graphite shaping backend when glyph advances became
    negative.</li>
<li>Subsetting improvements, pruning empty mark-attachment lookups.</li>
<li>Don&#x27;t use the macro name _S, which is reserved by system
    libraries.</li>
<li>Build fixes and speedup.</li>
<li>Add a kbts shaping backend that calls into the kb_text_shape
    single-header shaping library. This is purely for testing and
    performance evaluation and we do NOT recommend using it for any
    other purposes.</li>
<li>Fix bug in vertical shaping of fonts without the vmtx table.</li>
<li>Fix build with non-compliant C++11 compilers that don&#x27;t
    recognize the "and" keyword.</li>
<li>Fix crasher in the glyph_v_origin function introduced in
    11.3.0.</li>
<li>Speed up handling fonts with a very large number of variations.</li>
<li>Speed up getting horizontal and vertical glyph advances by up
    to 24%.</li>
<li>Significantly speed up vertical text shaping.</li>
<li>Various documentation improvements.</li>
<li>Various build improvements.</li>
<li>Various subsetting improvements.</li>
<li>Various improvements to Rust font functions (fontations
    integration) and shaper (HarfRust integration).</li>
<li>Rename harfruzz option and shaper to harfrust following
    upstream rename.</li>
<li>Implement hb_face_reference_blob() for DirectWrite font
    functions.</li>
<li>Various build improvements.</li>
<li>Fix build with HB_NO_DRAW and HB_NO_PAINT.</li>
<li>Add an optional harfruzz shaper that uses HarfRuzz, an ongoing
    Rust port of HarfBuzz shaping. This shaper is mainly used for
    testing the output of the Rust implementation.</li>
<li>Fix regression that caused applying unsafe_to_break() to the
    whole buffer to be ignored.</li>
<li>Update USE data files.</li>
<li>Fix getting advances of out-of-range glyph indices in
    DirectWrite font functions.</li>
<li>Painting of COLRv1 fonts without clip boxes is now about 10
    times faster.</li>
<li>Synthetic bold/slant of a sub font is now respected, instead of
    using the parent’s.</li>
<li>Glyph extents for fonts with synthetic bold/slant are now accurately
    calculated.</li>
<li>Various build fixes.</li>
<li>Include bidi mirroring variants of the requested codepoints
    when subsetting. The new HB_SUBSET_FLAGS_NO_BIDI_CLOSURE can be
    used to disable this behaviour.</li>
<li>Various bug fixes.</li>
<li>Various build fixes and improvements.</li>
<li>Various test suite improvements.</li>
<li>The change in version 10.3.0 to apply “trak” table tracking
    values to glyph advances directly has been reverted as it
    required every font functions implementation to handle it,
    which breaks existing custom font functions. Tracking is
    instead back to being applied during shaping.</li>
<li>When directwrite integration is enabled, we now link to
    dwrite.dll instead of dynamically loading it.</li>
<li>New experimental APIs for getting raw “CFF” and “CFF2”
    CharStrings.</li>
<li>We now provide manpages for the various command line utilities.
    Building manpages requires “help2man” and will be skipped if it
    is not present.</li>
<li>The command line utilities now set different return values for
    different kinds of failures. Details are provided in the
    manpages.</li>
<li>Various fixes and improvements to fontations font functions.</li>
<li>All shaping operations using the ot shaper have become memory
    allocation-free.</li>
<li>Glyph extents returned by hb-ot and hb-ft font functions are
    now rounded instead of flooring/ceiling them, which also
    matches what other font libraries do.</li>
<li>Fix “AAT” deleted glyph marks interfering with fallback mark
    positioning.</li>
<li>Glyph outline emboldening has been moved out of hb-ot and
    hb-ft font functions to the HarfBuzz font layer, so that it
    works with any font functions implementation.</li>
<li>Fix our fallback C++11 atomics integration, which seems to not
    be widely used.</li>
<li>Various testing fixes and improvements.</li>
<li>Various subsetting fixes and improvements.</li>
<li>Various other fixes and improvements.</li>
</ul>



    

    <h2>Patch Instructions:</h2>
    <p>
        To install this SUSE update use the SUSE recommended
        installation methods like YaST online_update or "zypper patch".<br/>

        Alternatively you can run the command listed for your product:
    </p>
    <ul class="list-group">
        
            <li class="list-group-item">
                SUSE Linux Micro 6.2
                
                    
                        <br/>
                        <code>zypper in -t patch SUSE-SL-Micro-6.2-423=1</code>
                    
                    
                
            </li>
        
    </ul>

    <h2>Package List:</h2>
    <ul>
        
            
                <li>
                    SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64)
                    <ul>
                        
                            <li>libharfbuzz0-11.4.5-160000.1.1</li>
                        
                            <li>libharfbuzz-gobject0-debuginfo-11.4.5-160000.1.1</li>
                        
                            <li>typelib-1_0-HarfBuzz-0_0-11.4.5-160000.1.1</li>
                        
                            <li>libharfbuzz-gobject0-11.4.5-160000.1.1</li>
                        
                            <li>libharfbuzz0-debuginfo-11.4.5-160000.1.1</li>
                        
                            <li>harfbuzz-debugsource-11.4.5-160000.1.1</li>
                        
                    </ul>
                </li>
            
        
    </ul>
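
    <p>Added example, not part of the SUSE advisory: a shell check that compares installed package versions against the fixed version-release from the package list above. It assumes GNU <code>sort -V</code> as an approximation of RPM version ordering; the function names and the sample inventory are constructed for illustration.</p>

```shell
#!/bin/sh
# Added example, not SUSE tooling. FIXED and PKGS are copied from the
# advisory's package list; the inventory below is constructed sample data.
FIXED="11.4.5-160000.1.1"
PKGS="libharfbuzz0 libharfbuzz-gobject0 typelib-1_0-HarfBuzz-0_0"

# ver_ge A B: true when A >= B. Assumption: GNU "sort -V" ordering is used
# as an approximation of RPM version comparison (no epoch handling).
ver_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# audit: read "name version-release" lines on stdin and report every
# advisory package older than FIXED. Returns 1 if any were found.
audit() {
    rc=0
    while read -r name vr; do
        case " $PKGS " in
            *" $name "*) ;;        # package covered by this advisory
            *) continue ;;         # unrelated package or rpm error line
        esac
        if ! ver_ge "$vr" "$FIXED"; then
            echo "OUTDATED $name $vr (fixed in $FIXED)"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed inventory in the format produced on a real host by:
#   rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' $PKGS
sample_inventory() {
    printf '%s\n' \
        "libharfbuzz0 11.4.5-160000.1.1" \
        "libharfbuzz-gobject0 11.0.0-1.1" \
        "typelib-1_0-HarfBuzz-0_0 11.4.5-160000.2.1" \
        "zlib 1.3.1-1.1"
}

# Run the audit on the constructed sample; only the older package is listed.
sample_inventory | audit || true
```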

    
        <h2>References:</h2>
        <ul>
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2026-22693.html">https://www.suse.com/security/cve/CVE-2026-22693.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1256459">https://bugzilla.suse.com/show_bug.cgi?id=1256459</a>
                    </li>
                
            
        </ul>
    
</div>