[Bug 1444911] New: CVE-2017-7864 freetype:
heap-based buffer overflow related to the tt_size_reset function
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1444911
Bug ID: 1444911
Summary: CVE-2017-7864 freetype: heap-based buffer overflow
related to the tt_size_reset function
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: amaris(a)redhat.com
CC: behdad(a)fedoraproject.org, bmcclain(a)redhat.com,
cfergeau(a)redhat.com, dblechte(a)redhat.com,
eedri(a)redhat.com, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
fonts-bugs(a)lists.fedoraproject.org, gklein(a)redhat.com,
kevin(a)tigcc.ticalc.org, lsurette(a)redhat.com,
mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com,
mkasik(a)redhat.com, rbalakri(a)redhat.com,
rh-spice-bugs(a)redhat.com, rjones(a)redhat.com,
sherold(a)redhat.com, srevivo(a)redhat.com,
ydary(a)redhat.com, ykaul(a)redhat.com
FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based
buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
Bug report:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=509
Upstream patch:
https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699...
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 10 months
[Bug 1429965] New: CVE-2016-10244 freetype:
parse_charstrings function in type1/
t1load.c does not ensure that a font contains a glyph name
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1429965
Bug ID: 1429965
Summary: CVE-2016-10244 freetype: parse_charstrings function in
type1/t1load.c does not ensure that a font contains a
glyph name
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: behdad(a)fedoraproject.org, bmcclain(a)redhat.com,
cfergeau(a)redhat.com, dblechte(a)redhat.com,
eedri(a)redhat.com, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
fonts-bugs(a)lists.fedoraproject.org, gklein(a)redhat.com,
kevin(a)tigcc.ticalc.org, lsurette(a)redhat.com,
mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com,
mkasik(a)redhat.com, rbalakri(a)redhat.com,
rh-spice-bugs(a)redhat.com, rjones(a)redhat.com,
sherold(a)redhat.com, srevivo(a)redhat.com,
ydary(a)redhat.com, ykaul(a)redhat.com
The parse_charstrings function in type1/t1load.c in FreeType 2 does not ensure
that a font contains a glyph name, which allows remote attackers to cause a
denial of service (heap-based buffer over-read) or possibly have unspecified
other impact via a crafted file.
References:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36
Upstream patch:
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/...
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 10 months
[Bug 1444904] New: CVE-2017-7858 freetype:
out-of-bounds write related to the TT_Get_MM_Var and sfnt_init_face
functions
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1444904
Bug ID: 1444904
Summary: CVE-2017-7858 freetype: out-of-bounds write related to
the TT_Get_MM_Var and sfnt_init_face functions
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: amaris(a)redhat.com
CC: behdad(a)fedoraproject.org, bmcclain(a)redhat.com,
cfergeau(a)redhat.com, dblechte(a)redhat.com,
eedri(a)redhat.com, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
fonts-bugs(a)lists.fedoraproject.org, gklein(a)redhat.com,
kevin(a)tigcc.ticalc.org, lsurette(a)redhat.com,
mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com,
mkasik(a)redhat.com, rbalakri(a)redhat.com,
rh-spice-bugs(a)redhat.com, rjones(a)redhat.com,
sherold(a)redhat.com, srevivo(a)redhat.com,
ydary(a)redhat.com, ykaul(a)redhat.com
FreeType 2 before 2017-03-07 has an out-of-bounds write related to the
TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in
sfnt/sfobjs.c.
Bug report:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738
Upstream patch:
https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=77930...
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 10 months
[Bug 1444898] New: CVE-2017-7857 freetype:
heap-based buffer overflow related to the TT_Get_MM_Var function
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1444898
Bug ID: 1444898
Summary: CVE-2017-7857 freetype: heap-based buffer overflow
related to the TT_Get_MM_Var function
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: amaris(a)redhat.com
CC: behdad(a)fedoraproject.org, bmcclain(a)redhat.com,
cfergeau(a)redhat.com, dblechte(a)redhat.com,
eedri(a)redhat.com, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
fonts-bugs(a)lists.fedoraproject.org, gklein(a)redhat.com,
kevin(a)tigcc.ticalc.org, lsurette(a)redhat.com,
mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com,
mkasik(a)redhat.com, rbalakri(a)redhat.com,
rh-spice-bugs(a)redhat.com, rjones(a)redhat.com,
sherold(a)redhat.com, srevivo(a)redhat.com,
ydary(a)redhat.com, ykaul(a)redhat.com
FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based
buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and
the sfnt_init_face function in sfnt/sfobjs.c.
Bug report:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=759
Upstream patch:
https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7bbb9...
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 10 months
[Bug 1444895] New: CVE-2016-10328 freetype:
heap-based buffer overflow related to the cff_parser_run function
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1444895
Bug ID: 1444895
Summary: CVE-2016-10328 freetype: heap-based buffer overflow
related to the cff_parser_run function
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: amaris(a)redhat.com
CC: behdad(a)fedoraproject.org, bmcclain(a)redhat.com,
cfergeau(a)redhat.com, dblechte(a)redhat.com,
eedri(a)redhat.com, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
fonts-bugs(a)lists.fedoraproject.org, gklein(a)redhat.com,
kevin(a)tigcc.ticalc.org, lsurette(a)redhat.com,
mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com,
mkasik(a)redhat.com, rbalakri(a)redhat.com,
rh-spice-bugs(a)redhat.com, rjones(a)redhat.com,
sherold(a)redhat.com, srevivo(a)redhat.com,
ydary(a)redhat.com, ykaul(a)redhat.com
FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based
buffer overflow related to the cff_parser_run function in cff/cffparse.c.
Bug report:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=289
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 10 months
[Bug 1446500] New: CVE-2017-8105 freetype:
heap-based buffer overflow related to the t1_decoder_parse_charstrings
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1446500
Bug ID: 1446500
Summary: CVE-2017-8105 freetype: heap-based buffer overflow
related to the t1_decoder_parse_charstrings
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: amaris(a)redhat.com
CC: behdad(a)fedoraproject.org, bmcclain(a)redhat.com,
cfergeau(a)redhat.com, dblechte(a)redhat.com,
eedri(a)redhat.com, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
fonts-bugs(a)lists.fedoraproject.org, gklein(a)redhat.com,
kevin(a)tigcc.ticalc.org, lsurette(a)redhat.com,
mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com,
mkasik(a)redhat.com, rbalakri(a)redhat.com,
rh-spice-bugs(a)redhat.com, rjones(a)redhat.com,
sherold(a)redhat.com, srevivo(a)redhat.com,
ydary(a)redhat.com, ykaul(a)redhat.com
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based
buffer overflow related to the t1_decoder_parse_charstrings function in
psaux/t1decode.c.
Bug report:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
Upstream patch:
https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c...
--
You are receiving this mail because:
You are on the CC list for the bug.
5 years, 10 months
[Bug 1271620] New: please update spec templates as per latest
guidelines
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=1271620
Bug ID: 1271620
Summary: please update spec templates as per latest guidelines
Product: Fedora
Version: 23
Component: fontpackages
Assignee: nicolas.mailhot(a)laposte.net
Reporter: kvolny(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: fonts-bugs(a)lists.fedoraproject.org,
nicolas.mailhot(a)laposte.net, paul(a)frixxon.co.uk,
tagoh(a)redhat.com
Description of problem:
I'm trying to package a font. While filing the spec template, I have found that
there is:
%install
rm -fr %{buildroot}
but the buildroot is now cleaned automatically so the `rm` command should not
be present.
Please update the spec templates according to the latest guidelines. Also note
that there may be other deviations from current packaging guidelines that I
have overlooked ...
Version-Release number of selected component (if applicable):
fontpackages-devel-1.44-14.fc23.noarch
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=162cGuTqJk&a=cc_unsubscribe
5 years, 10 months