Re: Bug#1010304: bullseye-pu: package freetype/2.10.4+dfsg-1+deb11u1
Control: tags -1 + confirmed d-i
On Thu, 2022-04-28 at 22:21 +1000, Hugh McMaster wrote:
> This update fixes three security vulnerabilities in FreeType
> 2.10.4+dfsg-1.
>
> - CVE-2022-27404: heap buffer overflow via invalid integer decrement
> in
> sfnt_init_face() and woff2_open_font().
> - CVE-2022-27405: segmentation violation via ft_open_face_internal()
> when
> attempting to read the value of FT_LONG face_index.
> - CVE-2022-27406: segmentation violation via FT_Request_Size() when
> attempting
> to read the value of an unguarded face size handle.
>
> It would be ideal to get these fixes into Bullseye.
This looks OK to me, but as freetype builds a udeb it will want a KiBi-
ack; CCed and tagging accordingly.
Regards,
Adam
Reply to: