Univention Bugzilla – Bug 55192
freetype: Multiple issues (5.0)
Last modified: 2022-09-13 17:50:22 CEST
New Debian freetype 2.9.1-3+deb10u3 fixes: This update addresses the following issues:
* Buffer Overflow (CVE-2022-27404)
* Segmentation Fault (CVE-2022-27405)
* Segmentation violation (CVE-2022-27406)
--- mirror/ftp/pool/main/f/freetype/freetype_2.9.1-3+deb10u2.dsc +++ apt/ucs_5.0-0-errata5.0-2/source/freetype_2.9.1-3+deb10u3.dsc @@ -1,3 +1,13 @@ +2.9.1-3+deb10u3 [Thu, 28 Apr 2022 21:11:36 +1000] Hugh McMaster <hugh.mcmaster@outlook.com>: + + * Add upstream patches to fix multiple vulnerabilities. Closes: #1010183. + - CVE-2022-27404: heap buffer overflow via invalid integer decrement in + sfnt_init_face(). + - CVE-2022-27405: segmentation violation via ft_open_face_internal() when + attempting to read the value of FT_LONG face_index. + - CVE-2022-27406: segmentation violation via FT_Request_Size() when + attempting to read the value of an unguarded face size handle. + 2.9.1-3+deb10u2 [Tue, 20 Oct 2020 21:15:41 +0200] Salvatore Bonaccorso <carnil@debian.org>: * Non-maintainer upload by the Security Team. <http://piuparts.knut.univention.de/5.0-2/#5442971343321578695>
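Review bot: the diff shown covers only the debian/changelog entry in the .dsc, so the "upstream patches" the new 2.9.1-3+deb10u3 entry says it adds are not visible here; before accepting the version bump as the fix, check that the source package's debian/patches series contains one patch per listed issue (sfnt_init_face() for CVE-2022-27404, ft_open_face_internal() for CVE-2022-27405, FT_Request_Size() for CVE-2022-27406) rather than relying on the changelog text alone.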
OK: yaml OK: announce_errata OK: patch OK: piuparts
<https://errata.software-univention.de/#/?erratum=5.0x415>