[Bug 1172633] freetype: OOB stack-based read/write in cf2_hintmap_build() (incomplete fix for CVE-2014-2240).

bugzilla at redhat.com
Wed Dec 10 22:55:50 UTC 2014


https://bugzilla.redhat.com/show_bug.cgi?id=1172633



--- Comment #4 from David Walser <luigiwalser at yahoo.com> ---
(In reply to Marek Kašík from comment #3)
> Shouldn't we use the patch from
> http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8
> instead of the [2]?
> Also, according to the mentioned versions, we should probably fix it in
> Fedora 21 too.

As well as this one, yes:
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f89396cb6284954ff98b5dcbfc38e144deccdc83

The one linked in [2] is the original incomplete fix from before.


More information about the fonts-bugs mailing list