https://bugzilla.redhat.com/show_bug.cgi?id=1191085 Vasyl Kaigorodov <vkaigoro(a)redhat.com&gt; changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1191099 Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1191099 [Bug 1191099] CVE-2014-9656 CVE-2014-9657 CVE-2014-9661 CVE-2014-9660 CVE-2014-9662 CVE-2014-9658 CVE-2014-9659 freetype: various flaws [fedora-all] -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=e1Q3Xb8dRn&a=cc_unsubscribe

https://bugzilla.redhat.com/show_bug.cgi?id=1191085 Vasyl Kaigorodov <vkaigoro(a)redhat.com&gt; changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1191102 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=gCjGgJRd0n&a=cc_unsubscribe

https://bugzilla.redhat.com/show_bug.cgi?id=1191085 --- Comment #2 from Fedora Update System <updates(a)fedoraproject.org&gt; --- freetype-2.5.3-15.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=8hvdiJWfFU&a=cc_unsubscribe

https://bugzilla.redhat.com/show_bug.cgi?id=1191085 Tomas Hoger <thoger(a)redhat.com&gt; changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|medium |low Fixed In Version| |freetype 2.5.4 Summary|CVE-2014-9663 freetype: |CVE-2014-9663 freetype: |out-of-bounds read in the |out-of-bounds read in |tt_cmap4_validate function |tt_cmap4_validate() |in sfnt/ttcmap.c | Whiteboard|impact=moderate,public=2014 |impact=low,public=20141124, |1124,reported=20150210,sour |reported=20150210,source=cv |ce=cve,cvss2=3.7/AV:L/AC:H/ |e,cvss2=2.6/AV:N/AC:H/Au:N/ |Au:N/C:P/I:P/A:P,fedora-all |C:N/I:N/A:P,cwe=CWE-125,rhe |/freetype=affected,rhel-5/f |l-4/freetype=wontfix,rhel-5 |reetype=new,rhel-6/freetype |/freetype=wontfix,rhel-6/fr |=new,rhel-7/freetype=new |eetype=affected,rhel-7/free | |type=affected,rhev-m-3/ming | |w-virt-viewer=affected,fedo | |ra-all/freetype=affected,fe | |dora-all/mingw-freetype=aff | |ected,epel-7/mingw-freetype | |=affected Severity|medium |low --- Comment #4 from Tomas Hoger <thoger(a)redhat.com&gt; --- Upstream bug is: https://savannah.nongnu.org/bugs/?43656 Issue was fixed upstream in 2.5.4. This is a very limited buffer over-read. Two bytes are read from at max 7th and 8th byte after the end of the buffer. After that, another check is reached that detects the problem. This is rather unlikely to cause crash. Issue is caused by a misplaced check to ensure enough input it still available for further parsing. After the check, length variable indicating remaining input size is decremented to the size of the actually available data. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=WUnMucqzZC&a=cc_unsubscribe

https://bugzilla.redhat.com/show_bug.cgi?id=1191085 Martin Prpic <mprpic(a)redhat.com&gt; changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1197738 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=ndzizgFD2j&a=cc_unsubscribe

https://bugzilla.redhat.com/show_bug.cgi?id=1191085 Martin Prpic <mprpic(a)redhat.com&gt; changed: What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1197740 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=tHbJiCaOBb&a=cc_unsubscribe

https://bugzilla.redhat.com/show_bug.cgi?id=1191085 Tomas Hoger <thoger(a)redhat.com&gt; changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |ERRATA Last Closed| |2015-03-18 03:40:50 -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=GIEVkoEVG5&a=cc_unsubscribe

https://bugzilla.redhat.com/show_bug.cgi?id=1191085 Ján Rusnačko <jrusnack(a)redhat.com&gt; changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20141124, |impact=low,public=20141124, |reported=20150210,source=cv |reported=20150210,source=cv |e,cvss2=2.6/AV:N/AC:H/Au:N/ |e,cvss2=2.6/AV:N/AC:H/Au:N/ |C:N/I:N/A:P,cwe=CWE-125,rhe |C:N/I:N/A:P,cwe=CWE-125,rhe |l-4/freetype=wontfix,rhel-5 |l-4/freetype=wontfix,rhel-5 |/freetype=wontfix,rhel-6/fr |/freetype=wontfix,rhel-6/fr |eetype=notaffected,rhel-7/f |eetype=affected,rhel-7/free |reetype=affected,rhev-m-3/m |type=affected,rhev-m-3/ming |ingw-virt-viewer=affected,f |w-virt-viewer=affected,fedo |edora-all/freetype=affected |ra-all/freetype=affected,fe |,fedora-all/mingw-freetype= |dora-all/mingw-freetype=aff |affected,epel-7/mingw-freet |ected,epel-7/mingw-freetype |ype=affected |=affected -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=6qM4R6J0gC&a=cc_unsubscribe