Debian Linux Security Advisory 2019-1 – Marc Schoenefeld discovered an improper input sanitization in Pango, a library for layout and rendering of text, leading to array indexing error. If a local user was tricked into loading a specially-crafted font file in an application, using the Pango font rendering library, it could lead to denial of service (application crash).
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/87487/dsa-2019-1.txt
Source: https://packetstormsecurity.com/files/87487/Debian-Linux-Security-Advisory-2019-1.html