https://bugzilla.redhat.com/show_bug.cgi?id=1475388
Bug ID: 1475388
Summary: CVE-2017-11570 fontforge: Buffer over-read in umodenc function
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team@redhat.com
Reporter: anemec@redhat.com
CC: eng-i18n-bugs@redhat.com, fonts-bugs@lists.fedoraproject.org, kevin@scrye.com, paul@frixxon.co.uk, pnemade@redhat.com

FontForge 20161012 is vulnerable to a buffer over-read in umodenc (parsettf.c) resulting in DoS or via a crafted otf file.
Upstream issue:
https://github.com/fontforge/fontforge/issues/3097