Bugs fixes in "freetype"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2014-9671 | Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (N | 2015-02-24 |
| CVE | CVE-2014-9670 | Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a deni | 2015-02-24 |
| CVE | CVE-2014-9669 | Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memor | 2015-02-24 |
| CVE | CVE-2014-9668 | The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, whi | 2015-02-24 |
| CVE | CVE-2014-9667 | sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to caus | 2015-02-24 |
| CVE | CVE-2014-9666 | The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count v | 2015-02-24 |
| CVE | CVE-2014-9665 | The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote at | 2015-02-24 |
| CVE | CVE-2014-9664 | FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of servi | 2015-02-24 |
| CVE | CVE-2014-9663 | The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely cal | 2015-02-24 |
| CVE | CVE-2014-9662 | cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a deni | 2015-02-24 |
| CVE | CVE-2014-9661 | type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attacke | 2015-02-24 |
| CVE | CVE-2014-9660 | The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attack | 2015-02-24 |
| CVE | CVE-2014-9659 | cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which | 2015-02-24 |
| CVE | CVE-2014-9658 | The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to | 2015-02-24 |
| CVE | CVE-2014-9657 | The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers | 2015-02-24 |
| CVE | CVE-2014-9656 | The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remot | 2015-02-24 |
| Launchpad | 1199571 | Huge multi-threading violations in freetype | 2015-02-16 |
| Launchpad | 1199571 | Huge multi-threading violations in freetype | 2015-02-11 |
| Launchpad | 1199571 | Huge multi-threading violations in freetype | 2015-02-11 |
| Launchpad | 1310017 | freetype 2.5.x broke rendering of the default Korean font | 2014-06-02 |
About
-
Send Feedback to @ubuntu_updates
