https://bugzilla.redhat.com/show_bug.cgi?id=1752788
Bug ID: 1752788 Summary: CVE-2015-9381 freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to information disclosure Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team@redhat.com Reporter: mrehak@redhat.com CC: ajax@redhat.com, caillon+fedoraproject@gmail.com, fonts-bugs@lists.fedoraproject.org, gnome-sig@lists.fedoraproject.org, john.j5live@gmail.com, kevin@tigcc.ticalc.org, mclasen@redhat.com, mkasik@redhat.com, rhughes@redhat.com, rstrode@redhat.com, sandmann@redhat.com Target Milestone: --- Classification: Other
FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.