oss-sec mailing list archives
CVE Request - Multiple security fixes in freetype - 2.4.11
From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Tue, 25 Dec 2012 07:28:13 +0530
Merry Christmas! Multiple security issues were reported by Mateusz Jurczyk of Google security team. These have been fixed in freetype 2.4.11 Details are as follows. * NULL Pointer Dereference in bdf_free_font Bug: https://savannah.nongnu.org/bugs/?37905 Patch: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9b6b5754b57c12b820e01305eb69b8863a161e5a * Out-of-bounds read in _bdf_parse_glyphs Bug: https://savannah.nongnu.org/bugs/?37906 Patch: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d * Out-of-bounds write in _bdf_parse_glyphs Bug: https://savannah.nongnu.org/bugs/?37907 Patch: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7f2e4f4f553f6836be7683f66226afac3fa979b8 Can CVEs be please assigned to these issues? Thanks! -- Huzaifa Sidhpurwala / Red Hat Security Response Team
Current thread:
- CVE Request - Multiple security fixes in freetype - 2.4.11 Huzaifa Sidhpurwala (Dec 24)
- Re: CVE Request - Multiple security fixes in freetype - 2.4.11 Kurt Seifried (Dec 24)