Re: [SECURITY] [DLA 918-1] freetype security update

To: Bolesław Tokarski <btokarski@opera.com>
Cc: debian-lts@lists.debian.org
Subject: Re: [SECURITY] [DLA 918-1] freetype security update
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 27 Apr 2017 11:17:59 +0200
Message-id: <[🔎] 20170427091759.GA6844@lorien.valinor.li>
Mail-followup-to: Bolesław Tokarski <btokarski@opera.com>, debian-lts@lists.debian.org
In-reply-to: <[🔎] 5681174.NNBnHsykpM@btokarski>
References: <853dcb16-7b78-fddd-29c0-4bad6bea3c7d@debian.org> <[🔎] 5681174.NNBnHsykpM@btokarski>

Hi,

On Thu, Apr 27, 2017 at 10:55:51AM +0200, Bolesław Tokarski wrote:
> Hi, Emilio,
> 
> > It was found that an out of bounds write caused by a heap-based buffer
> > overflow could be triggered in freetype via a crafted font.
> 
> Thank you for the fixed packages and for the patch related. It's very 
> convenient to have somebody do the patching for me.
> 
> > This update also reverts the fix for CVE-2016-10328, as it was
> > determined that freetype 2.4.9 is not affected by that issue.
> 
> I'm curious to see the version scope/some proof of a particular version not 
> being affected by CVE-2016-10328.

The particular issue was introduced in
https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=010e0614f2effe058855aacfc3e61c71e1cb5739
and fixed in
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=beecf80a6deecbaf5d264d4f864451bde4fe98b8
.

Cf. as well https://bugs.debian.org/860303#36

Hope this helps,

Regards,
Salvatore

Reply to:

References:
- Re: [SECURITY] [DLA 918-1] freetype security update
  - From: Bolesław Tokarski <btokarski@opera.com>

Prev by Date: Re: [SECURITY] [DLA 918-1] freetype security update
Next by Date: Re: [SECURITY] [DLA 918-1] freetype security update
Previous by thread: Re: [SECURITY] [DLA 918-1] freetype security update
Next by thread: Wheezy update of mysql-connector-java?
Index(es):
- Date
- Thread