[Bug 1446500] New: CVE-2017-8105 freetype: heap-based buffer overflow related to the t1_decoder_parse_charstrings
3:55 a.m.
https://bugzilla.redhat.com/show_bug.cgi?id=1446500
Bug ID: 1446500
Summary: CVE-2017-8105 freetype: heap-based buffer overflow
related to the t1_decoder_parse_charstrings
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: amaris(a)redhat.com
CC: behdad(a)fedoraproject.org, bmcclain(a)redhat.com,
cfergeau(a)redhat.com, dblechte(a)redhat.com,
eedri(a)redhat.com, erik-fedora(a)vanpienbroek.nl,
fedora-mingw(a)lists.fedoraproject.org,
fonts-bugs(a)lists.fedoraproject.org, gklein(a)redhat.com,
kevin(a)tigcc.ticalc.org, lsurette(a)redhat.com,
mgoldboi(a)redhat.com, michal.skrivanek(a)redhat.com,
mkasik(a)redhat.com, rbalakri(a)redhat.com,
rh-spice-bugs(a)redhat.com, rjones(a)redhat.com,
sherold(a)redhat.com, srevivo(a)redhat.com,
ydary(a)redhat.com, ykaul(a)redhat.com
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based
buffer overflow related to the t1_decoder_parse_charstrings function in
psaux/t1decode.c.
Bug report:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
Upstream patch:
https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c...
--
You are receiving this mail because:
You are on the CC list for the bug.
3:55 a.m.
New subject: [Bug 1446500] CVE-2017-8105 freetype:
heap-based buffer overflow related to the t1_decoder_parse_charstrings
https://bugzilla.redhat.com/show_bug.cgi?id=1446500
Adam Mariš <amaris(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Depends On| |1446503, 1446501, 1446502
--- Comment #1 from Adam Mariš <amaris(a)redhat.com> ---
Created freetype tracking bugs for this issue:
Affects: fedora-all [bug 1446501]
Created mingw-freetype tracking bugs for this issue:
Affects: epel-7 [bug 1446503]
Affects: fedora-all [bug 1446502]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1446501
[Bug 1446501] CVE-2017-8105 freetype: heap-based buffer overflow related to
the t1_decoder_parse_charstrings [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1446502
[Bug 1446502] CVE-2017-8105 mingw-freetype: freetype: heap-based buffer
overflow related to the t1_decoder_parse_charstrings [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1446503
[Bug 1446503] CVE-2017-8105 mingw-freetype: freetype: heap-based buffer
overflow related to the t1_decoder_parse_charstrings [epel-7]
--
You are receiving this mail because:
You are on the CC list for the bug.
4:16 a.m.
New subject: [Bug 1446500] CVE-2017-8105 freetype:
heap-based buffer overflow related to the t1_decoder_parse_charstrings
https://bugzilla.redhat.com/show_bug.cgi?id=1446500
Adam Mariš <amaris(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |1446505
Blocks| |1446078
--
You are receiving this mail because:
You are on the CC list for the bug.
12:10 p.m.
New subject: [Bug 1446500] CVE-2017-8105 freetype:
heap-based buffer overflow related to the t1_decoder_parse_charstrings
https://bugzilla.redhat.com/show_bug.cgi?id=1446500
Bug 1446500 depends on bug 1446501, which changed state.
Bug 1446501 Summary: CVE-2017-8105 freetype: heap-based buffer overflow related to the
t1_decoder_parse_charstrings [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1446501
What |Removed |Added
----------------------------------------------------------------------------
Status|ON_QA |CLOSED
Resolution|--- |ERRATA
--
You are receiving this mail because:
You are on the CC list for the bug.
9:30 a.m.
New subject: [Bug 1446500] CVE-2017-8105 freetype:
heap-based buffer overflow related to the t1_decoder_parse_charstrings
https://bugzilla.redhat.com/show_bug.cgi?id=1446500
Stefan Cornelius <scorneli(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Whiteboard|impact=moderate,public=2017 |impact=moderate,public=2017
|0324,reported=20170424,sour |0324,reported=20170424,sour
|ce=cve,cvss3=7.0/CVSS:3.0/A |ce=cve,cvss3=7.0/CVSS:3.0/A
|V:L/AC:H/PR:N/UI:R/S:U/C:H/ |V:L/AC:H/PR:N/UI:R/S:U/C:H/
|I:H/A:H,cwe=CWE-122,rhel-5/ |I:H/A:H,cwe=CWE-122,rhel-5/
|freetype=new,rhel-6/freetyp |freetype=notaffected,rhel-6
|e=new,rhel-7/freetype=new,r |/freetype=notaffected,rhel-
|hev-m-3/mingw-virt-viewer=n |7/freetype=affected,rhev-m-
|ew,fedora-all/freetype=affe |3/mingw-virt-viewer=new,fed
|cted,fedora-all/mingw-freet |ora-all/freetype=affected,f
|ype=affected,epel-7/mingw-f |edora-all/mingw-freetype=af
|reetype=affected |fected,epel-7/mingw-freetyp
| |e=affected
--
You are receiving this mail because:
You are on the CC list for the bug.
4:07 a.m.
New subject: [Bug 1446500] CVE-2017-8105 freetype:
heap-based buffer overflow related to the t1_decoder_parse_charstrings
https://bugzilla.redhat.com/show_bug.cgi?id=1446500
Stefan Cornelius <scorneli(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |CLOSED
Resolution|--- |WONTFIX
Whiteboard|impact=moderate,public=2017 |impact=moderate,public=2017
|0324,reported=20170424,sour |0324,reported=20170424,sour
|ce=cve,cvss3=7.0/CVSS:3.0/A |ce=cve,cvss3=7.0/CVSS:3.0/A
|V:L/AC:H/PR:N/UI:R/S:U/C:H/ |V:L/AC:H/PR:N/UI:R/S:U/C:H/
|I:H/A:H,cwe=CWE-122,rhel-5/ |I:H/A:H,cwe=CWE-122,rhel-5/
|freetype=notaffected,rhel-6 |freetype=notaffected,rhel-6
|/freetype=notaffected,rhel- |/freetype=notaffected,rhel-
|7/freetype=affected,rhev-m- |7/freetype=wontfix,rhev-m-3
|3/mingw-virt-viewer=new,fed |/mingw-virt-viewer=new,fedo
|ora-all/freetype=affected,f |ra-all/freetype=affected,fe
|edora-all/mingw-freetype=af |dora-all/mingw-freetype=aff
|fected,epel-7/mingw-freetyp |ected,epel-7/mingw-freetype
|e=affected |=affected
Last Closed| |2017-08-22 05:07:35
--
You are receiving this mail because:
You are on the CC list for the bug.
4:07 a.m.
New subject: [Bug 1446500] CVE-2017-8105 freetype:
heap-based buffer overflow related to the t1_decoder_parse_charstrings
https://bugzilla.redhat.com/show_bug.cgi?id=1446500
--- Comment #3 from Stefan Cornelius <scorneli(a)redhat.com> ---
Statement:
Red Hat Product Security has rated this issue as having Moderate security
impact. This issue is not currently planned to be addressed in future updates.
For additional information, refer to the Issue Severity Classification:
https://access.redhat.com/security/updates/classification/.
--
You are receiving this mail because:
You are on the CC list for the bug.
4:29 a.m.
New subject: [Bug 1446500] CVE-2017-8105 freetype:
heap-based buffer overflow related to the t1_decoder_parse_charstrings
https://bugzilla.redhat.com/show_bug.cgi?id=1446500
Bug 1446500 depends on bug 1446502, which changed state.
Bug 1446502 Summary: CVE-2017-8105 mingw-freetype: freetype: heap-based buffer overflow
related to the t1_decoder_parse_charstrings [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1446502
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |CLOSED
Resolution|--- |WONTFIX
--
You are receiving this mail because:
You are on the CC list for the bug.
2168
days inactive
2566
days old
fonts-bugs@lists.fedoraproject.org
7 comments
1 participants
participants (1)
-
bugzilla@redhat.com