[Bug 1172633] freetype: OOB stack-based read/write in cf2_hintmap_build() (incomplete fix for CVE-2014-2240).

bugzilla at redhat.com
Thu Dec 11 11:05:18 UTC 2014


https://bugzilla.redhat.com/show_bug.cgi?id=1172633



--- Comment #5 from Marek Kašík <mkasik at redhat.com> ---
(In reply to David Walser from comment #4)
> (In reply to Marek Kašík from comment #3)
> > Shouldn't we use the patch from
> > http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8
> > instead of the [2]?
> > Also, according to the mentioned versions, we should probably fix it in
> > Fedora 21 too.
> 
> As well as this one, yes:
> http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f89396cb6284954ff98b5dcbfc38e144deccdc83

Thank you for pointing me to this commit. I've updated the update.

> The one linked in [2] is the original incomplete fix from before.


More information about the fonts-bugs mailing list