[Bug 659359] CVE-2010-4259 FontForge: Stack-based buffer overflow by processing specially-crafted CHARSET_REGISTRY font file header

bugzilla at redhat.com bugzilla at redhat.com
Tue Jul 19 08:14:27 UTC 2011

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


--- Comment #11 from Jan Lieskovsky <jlieskov at redhat.com> 2011-07-19 04:14:26 EDT ---
Kevin, to your question,

(In reply to comment #9)
> https://admin.fedoraproject.org/updates/fontforge-20100501-5.fc14
> (and similar f13 update) fixed this long ago. 
> Can we just close this now?

No, this issue still affects fontforge package, as shipped with Red Hat
Enterprise Linux 6. This bug will be closed only at the moment, it has been
addressed there too.

Though you are not responsible for this bug. It will be closed by Red Hat
Security Response Team once the issue has been solved in all affected packages.

You are / have been responsible only for BZ#659365 which is solved now.

Hope this helps.

Thank you && Regards, Jan.
Jan iankko Lieskovsky / Red Hat Security Response Team

Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the fonts-bugs mailing list