https://bugzilla.redhat.com/show_bug.cgi?id=1191082

--- Comment #1 from Vasyl Kaigorodov vkaigoro@redhat.com ---

Created freetype tracking bugs for this issue:

Affects: fedora-all [bug 1191099]

https://bugzilla.redhat.com/show_bug.cgi?id=1191082 Bug 1191082 depends on bug 1191099, which changed state.

Bug 1191099 Summary: CVE-2014-9656 CVE-2014-9657 CVE-2014-9661 CVE-2014-9660 CVE-2014-9667 CVE-2014-9666 CVE-2014-9665 CVE-2014-9664 CVE-2014-9669 CVE-2014-9668 CVE-2014-9662 CVE-2014-9658 CVE-2014-9659 CVE-2014-9663 CVE-2014-9670 freetype: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1191099

What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA

https://bugzilla.redhat.com/show_bug.cgi?id=1191082

Tomas Hoger thoger@redhat.com changed:

What |Removed |Added ---------------------------------------------------------------------------- Priority|medium |low Fixed In Version| |freetype 2.5.4 Summary|CVE-2014-9660 freetype: |CVE-2014-9660 freetype: |NULL pointer dereference in |missing ENDCHAR NULL |the _bdf_parse_glyphs |pointer dereference in the |function in bdf/bdflib.c |_bdf_parse_glyphs() Whiteboard|impact=moderate,public=2014 |impact=low,public=20141124, |1124,reported=20150210,sour |reported=20150210,source=cv |ce=cve,cvss2=3.7/AV:L/AC:H/ |e,cvss2=4.3/AV:N/AC:M/Au:N/ |Au:N/C:P/I:P/A:P,fedora-all |C:N/I:N/A:P,rhel-4/freetype |/freetype=affected,rhel-5/f |=wontfix,rhel-5/freetype=wo |reetype=new,rhel-6/freetype |ntfix,rhel-6/freetype=affec |=new,rhel-7/freetype=new |ted,rhel-7/freetype=affecte | |d,rhev-m-3/mingw-virt-viewe | |r=affected,fedora-all/freet | |ype=affected,fedora-all/min | |gw-freetype=affected,epel-7 | |/mingw-freetype=affected Severity|medium |low

--- Comment #3 from Tomas Hoger thoger@redhat.com --- Upstream bug is: https://savannah.nongnu.org/bugs/?43660

Issue was fixed upstream in 2.5.4.

A NULL pointer dereference issue, which can cause application using freetype to crash if specially-crafted BDF font is loaded.

https://bugzilla.redhat.com/show_bug.cgi?id=1191082

--- Comment #4 from Fedora Update System updates@fedoraproject.org --- freetype-2.5.0-9.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.

https://bugzilla.redhat.com/show_bug.cgi?id=1191082

Martin Prpic mprpic@redhat.com changed:

What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1197738

https://bugzilla.redhat.com/show_bug.cgi?id=1191082

Martin Prpic mprpic@redhat.com changed:

What |Removed |Added ---------------------------------------------------------------------------- Depends On| |1197740

https://bugzilla.redhat.com/show_bug.cgi?id=1191082

Tomas Hoger thoger@redhat.com changed:

What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |ERRATA Last Closed| |2015-03-18 03:40:42

https://bugzilla.redhat.com/show_bug.cgi?id=1191082

Ján Rusnačko jrusnack@redhat.com changed:

What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=low,public=20141124, |impact=low,public=20141124, |reported=20150210,source=cv |reported=20150210,source=cv |e,cvss2=4.3/AV:N/AC:M/Au:N/ |e,cvss2=4.3/AV:N/AC:M/Au:N/ |C:N/I:N/A:P,cwe=CWE-476,rhe |C:N/I:N/A:P,cwe=CWE-476,rhe |l-4/freetype=wontfix,rhel-5 |l-4/freetype=wontfix,rhel-5 |/freetype=wontfix,rhel-6/fr |/freetype=wontfix,rhel-6/fr |eetype=notaffected,rhel-7/f |eetype=affected,rhel-7/free |reetype=affected,rhev-m-3/m |type=affected,rhev-m-3/ming |ingw-virt-viewer=affected,f |w-virt-viewer=affected,fedo |edora-all/freetype=affected |ra-all/freetype=affected,fe |,fedora-all/mingw-freetype= |dora-all/mingw-freetype=aff |affected,epel-7/mingw-freet |ected,epel-7/mingw-freetype |ype=affected |=affected