)]}'
{
  "commit": "854c274048e554becaf644d85366fc2f0a91a3fb",
  "tree": "c2e24de0512075d2386b38af841a3670593b987f",
  "parents": [
    "96edba0fa84213a8c3cefe5d25fcc0a7c75b6a66"
  ],
  "author": {
    "name": "Damien Neil",
    "email": "dneil@google.com",
    "time": "Fri Mar 27 16:38:36 2026 -0700"
  },
  "committer": {
    "name": "Gopher Robot",
    "email": "gobot@golang.org",
    "time": "Wed Apr 01 08:26:44 2026 -0700"
  },
  "message": "font/sfnt: apply bounds checks before allocating read buffer\n\nWhen using ReadAt to read more than 1MiB of data from a font file,\nverify that the file contains the data before allocating the\nread buffer. Avoids excessive memory allocation when parsing corrupt\nor malicious font files.\n\nThanks to Andy Gill, ZephrSec Ltd for reporting this issue.\n\nFixes golang/go#78382\nFixes CVE-2026-33812\n\nChange-Id: Icd5e7388661a76a6af800f0ba0b728c46a6a6964\nReviewed-on: https://go-review.googlesource.com/c/image/+/761180\nLUCI-TryBot-Result: Go LUCI \u003cgolang-scoped@luci-project-accounts.iam.gserviceaccount.com\u003e\nAuto-Submit: Damien Neil \u003cdneil@google.com\u003e\nReviewed-by: Neal Patel \u003cnealpatel@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "8ed19e21a9fd1cd913e68ef491b27b993b3f72ba",
      "old_mode": 33188,
      "old_path": "font/sfnt/sfnt.go",
      "new_id": "d1ef8a6a0844652337ad4b62aee537580402d96a",
      "new_mode": 33188,
      "new_path": "font/sfnt/sfnt.go"
    }
  ]
}