First Last Prev Next    This bug is not in your last search results.
Bug 38465 - freetype: Multiple issues (4.0)
freetype: Multiple issues (4.0)
Status: CLOSED WONTFIX
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.0
Other Linux
: P3 normal (vote)
: UCS 4.0-x-errata
Assigned To: Security maintainers
:
Depends on: 37757
Blocks: 40548
  Show dependency treegraph
 
Reported: 2015-05-06 16:32 CEST by Janek Walkenhorst
Modified: 2019-04-11 19:23 CEST (History)
3 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:
requate: Patch_Available+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Janek Walkenhorst univentionstaff 2015-05-06 16:32:54 CEST 
Multiple bugs in processing font files allow denial of service or the execution of arbitrary code:

CVE-2014-9674:

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
Comment 1 Arvid Requate univentionstaff 2015-10-15 15:06:26 CEST 
Debian package version 2.4.9-1.1+deb7u2 fixes:

* remote denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream (CVE-2014-9745)
* use of uninitialized data (CVE-2014-9746)
* t42parse.c vulnerability (CVE-2014-9747)
Comment 2 Arvid Requate univentionstaff 2016-02-01 11:50:35 CET 
Debian package version 2.4.9-1.1+deb7u3 fixes CVE-2014-9674.
Comment 3 Arvid Requate univentionstaff 2016-06-01 19:11:02 CEST 
UCS 4.0 is out of maintenance. See Blocks field for the UCS 4.1 specific bug.
First Last Prev Next    This bug is not in your last search results.