[Bug 1172633] freetype: OOB stack-based read/write in cf2_hintmap_build() (incomplete fix for CVE-2014-2240).

bugzilla at redhat.com bugzilla at redhat.com
Thu Dec 11 11:05:18 UTC 2014


--- Comment #5 from Marek Kašík <mkasik at redhat.com> ---
(In reply to David Walser from comment #4)
> (In reply to Marek Kašík from comment #3)
> > Shouldn't we use the patch from
> > http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/
> > ?id=2cdc4562f873237f1c77d43540537c7a721d3fd8 instead of the [2]?
> > Also, according to the mentioned versions, we should probably fix it in
> > Fedora 21 too.
> As well as this one, yes:
> http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/
> ?id=f89396cb6284954ff98b5dcbfc38e144deccdc83

Thank you for pointing me to this commit. I've updated the update.

> The one linked in [2] is the original incomplete fix from before.

You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=AkoEotK9I9&a=cc_unsubscribe

More information about the fonts-bugs mailing list