[Bug 800597] CVE-2012-1138 freetype: heap OOB read in the MIRP instruction implementation in TTF BCI (#35646)
bugzilla at redhat.com
bugzilla at redhat.com
Wed Mar 14 17:27:59 UTC 2012
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=800597
Tomas Hoger <thoger at redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|CVE-2012-1138 freetype: |CVE-2012-1138 freetype:
|Out-of heap-based buffer |heap OOB read in the MIRP
|read in the TrueType |instruction implementation
|bytecode interpreter by |in TTF BCI (#35646)
|executing the MIRP |
|instruction (FU#35646) |
Status Whiteboard|impact=low,public=20120227, |impact=low,public=20120227,
|reported=20120302,source=go |reported=20120302,source=se
|ogle,cvss2=4.3/AV:N/AC:M/Au |calert,cvss2=4.3/AV:N/AC:M/
|:N/C:N/I:N/A:P,rhel-5/freet |Au:N/C:N/I:N/A:P,rhel-5/fre
|ype=new,rhel-6/freetype=new |etype=notaffected,rhel-6/fr
|,fedora-all/freetype=new |eetype=notaffected,fedora-a
| |ll/freetype=affected
--- Comment #2 from Tomas Hoger <thoger at redhat.com> 2012-03-14 13:27:57 EDT ---
This flaw is in the TrueType bytecode interpreter (BCI) implementation. BCI is
not enabled in Red Hat Enterprise Linux 4, 5, and 6 freetype packages (it was
disabled by default upstream because of the patent concerns). BCI support is
now enabled by default in upstream versions 2.4 and later, as relevant patents
expired: http://www.freetype.org/patents.html
Statement:
Not vulnerable. This issue did not affect freetype packages as shipped with Red
Hat Enterprise Linux 5 and 6, as they do not enable TrueType bytecode
interpreter.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the fonts-bugs
mailing list