[Bug 890094] CVE-2012-5670 freetype: Out-of-bounds write in _bdf_parse_glyphs() (#37907)
by Red Hat Bugzilla
Product: Security Response
https://bugzilla.redhat.com/show_bug.cgi?id=890094
Huzaifa S. Sidhpurwala <huzaifas(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=important,public=201 |impact=important,public=201
|21215,reported=20121231,sou |21215,reported=20121231,sou
|rce=internet,cvss2=6.8/AV:N |rce=internet,cvss2=6.8/AV:N
|/AC:M/Au:N/C:P/I:P/A:P,rhel |/AC:M/Au:N/C:P/I:P/A:P,rhel
|-5/freetype=new,rhel-6/free |-5/freetype=notaffected,rhe
|type=new,fedora-all/freetyp |l-6/freetype=notaffected,fe
|e=new,fedora-all/mingw32-fr |dora-all/freetype=notaffect
|eetype=new |ed,fedora-all/mingw32-freet
| |ype=notaffected
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=WH9oIoCREv&a=cc_unsubscribe
11 years, 4 months
[Bug 799565] New: Lohit Malayalam font does not have support for 0D4E MALAYALAM LETTER DOT REPH
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: Lohit Malayalam font does not have support for 0D4E MALAYALAM LETTER DOT REPH
https://bugzilla.redhat.com/show_bug.cgi?id=799565
Summary: Lohit Malayalam font does not have support for 0D4E
MALAYALAM LETTER DOT REPH
Product: Fedora
Version: 16
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: unspecified
Priority: unspecified
Component: lohit-malayalam-fonts
AssignedTo: psatpute(a)redhat.com
ReportedBy: samjnaa(a)gmail.com
QAContact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org,
psatpute(a)redhat.com, i18n-bugs(a)lists.fedoraproject.org
Classification: Fedora
Story Points: ---
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Description of problem:
It was announced
(https://www.redhat.com/archives/lohit-devel-list/2012-February/msg00011.html)
that the latest 2.5.1 version Lohit fonts support latest Unicode 6.0
characters. Especially Malayalam was also mentioned.
However I find that the Lohit Malayalam 2.5.1 release downloadable from
https://fedorahosted.org/releases/l/o/lohit/lohit-malayalam-ttf-2.5.1.tar.gz
does NOT provide support for 0D4E MALAYALAM LETTER DOT REPH.
As this is one of the three Malayalam characters encoded for Unicode 6.0 (see
http://www.unicode.org/Public/UNIDATA/DerivedAge.txt and search for 0D4E) it
should also be supported.
[The other two characters are provided but 0D3A has a wrong glyph which I have
reported as bug 798870.]
Version-Release number of selected component (if applicable):
2.5.1
Steps to Reproduce:
1. Install Lohit Malayalam 2.5.1 font.
2. Try to use 0D4E MALAYALAM LETTER DOT REPH
Actual results:
This character is not available.
Expected results:
This character was encoded to support the old Malayalam orthography. As such it
should be made available for full Unicode 6.0 (or 6.1) support.
Additional info:
You might need to do some smart font programming to position the dot reph
correctly. Note that this character is a special rendering character (hence the
dotted box around it in the code chart
http://www.unicode.org/charts/PDF/U0D00.pdf).
The special rendering is that it should be placed on top of the character
*following* it. See the original proposal bottom of page 3 and top of page 4.
I think the e-Malayalam OTC font
(http://www.aai.uni-hamburg.de/indtib/INDOLIPI/Malayalam.zip) has pre-composed
glyphs using this character on top of other consonants which might help you in
positioning this character. Note that most often it is found with doubled
consonants (i.e. DOT_REPH + GA + VIRAMA + GA etc) so you will have to be able
to position this character above stacked consonant clusters.
I hope this is sufficient feedback for supporting this character which is
important for old Malayalam orthography.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
11 years, 4 months
[freetype] Update to 2.4.11
by mkasik
commit 9e2b1b633365c6d17e3cfe9d5b9a5523ae01b243
Author: Marek Kasik <mkasik(a)redhat.com>
Date: Wed Jan 2 17:27:31 2013 +0100
Update to 2.4.11
Resolves: #889177
.gitignore | 3 +++
freetype.spec | 8 ++++++--
sources | 6 +++---
3 files changed, 12 insertions(+), 5 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index cdcba4d..0609c9e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -28,3 +28,6 @@ ft2demos-2.4.2.tar.bz2
/freetype-2.4.10.tar.bz2
/freetype-doc-2.4.10.tar.bz2
/ft2demos-2.4.10.tar.bz2
+/freetype-2.4.11.tar.bz2
+/freetype-doc-2.4.11.tar.bz2
+/ft2demos-2.4.11.tar.bz2
diff --git a/freetype.spec b/freetype.spec
index 3a178c3..d3eb5c9 100644
--- a/freetype.spec
+++ b/freetype.spec
@@ -6,8 +6,8 @@
Summary: A free and portable font rendering engine
Name: freetype
-Version: 2.4.10
-Release: 3%{?dist}
+Version: 2.4.11
+Release: 1%{?dist}
License: (FTL or GPLv2+) and BSD and MIT and Public Domain and zlib with acknowledgement
Group: System Environment/Libraries
URL: http://www.freetype.org
@@ -216,6 +216,10 @@ rm -rf $RPM_BUILD_ROOT
%doc docs/tutorial
%changelog
+* Wed Jan 2 2013 Marek Kasik <mkasik(a)redhat.com> - 2.4.11-1
+- Update to 2.4.11
+- Resolves: #889177
+
* Wed Oct 24 2012 Marek Kasik <mkasik(a)redhat.com> - 2.4.10-3
- Update License field
diff --git a/sources b/sources
index 4f962a7..b71ef74 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-13286702e9390a91661f980608adaff1 freetype-2.4.10.tar.bz2
-2611613f2b1d0d846c6b33d49d4933ed freetype-doc-2.4.10.tar.bz2
-5f2d947e32a18803578beecb83353c7f ft2demos-2.4.10.tar.bz2
+b93435488942486c8d0ca22e8f768034 freetype-2.4.11.tar.bz2
+20f148103e069093f53584ce5ba16581 freetype-doc-2.4.11.tar.bz2
+4c751f2b02bd181102c377a6396d8454 ft2demos-2.4.11.tar.bz2
11 years, 4 months