oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

FreeType malformed compressed data issue

From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 16 Apr 2009 13:08:34 -0400 (EDT)

I'm processing CVE-2009-0946 for the various integer overflows found by
Tavis Ormandy for FreeType, as captured in:

  https://bugzilla.redhat.com/show_bug.cgi?id=491384

But there's also this commit:

    http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0a05ba257b6ddd87dacf8d54b626e4b360e0a596

This bug doesn't smell exactly like an integer overflow, but there's not
enough immediate context to tell.  Is this a different bug type?  If so,
it needs a new CVE.

- Steve
Previous By Date Next
Previous By Thread Next

Current thread: