Univention Bugzilla – Bug 46841
freetype: Multiple issues (4.3)
Last modified: 2018-09-18 07:51:57 CEST
New Debian freetype 2.5.2-3+deb8u2 fixes: This update addresses the following issues: * CVE-2016-10244: parse_charstrings function in type1/t1load.c does not ensure that a font contains a glyph name * CVE-2017-8105: heap-based buffer overflow related to the t1_decoder_parse_charstrings * CVE-2017-8287: heap-based buffer overflow related to the t1_builder_close_contour function CVE-2016-10244 freetype: parse_charstrings function in type1/t1load.c does not ensure that a font contains a glyph name CVE-2017-8105 freetype: heap-based buffer overflow related to the t1_decoder_parse_charstrings CVE-2017-8287 freetype: heap-based buffer overflow related to the t1_builder_close_contour function
*** This bug has been marked as a duplicate of bug 44574 ***
OK
Nothing to release