Package "libfreetype6-dev"
Name: |
libfreetype6-dev
|
Description: |
FreeType 2 font engine, development files
|
Latest version: |
2.8.1-2ubuntu2.2 |
Release: |
bionic (18.04) |
Level: |
security |
Repository: |
main |
Head package: |
freetype |
Homepage: |
http://www.freetype.org |
Links
Download "libfreetype6-dev"
Other versions of "libfreetype6-dev" in Bionic
Changelog
freetype (2.8.1-2ubuntu2.2) bionic-security; urgency=medium
* SECURITY UPDATE: Heap buffer overflow in sfnt_init_face
- debian/patches-freetype/CVE-2022-27404.patch: avoid invalid face
index in src/sfnt/sfobjs.c.
- CVE-2022-27404
* SECURITY UPDATE: Segmentation violation in FNT_Size_Request
- debian/patches-freetype/CVE-2022-27405.patch: properly guard
face_index in src/base/ftobjs.c.
- CVE-2022-27405
* SECURITY UPDATE: Segmentation violation in FT_Request_Size
- debian/patches-freetype/CVE-2022-27406.patch: guard face->size in
src/base/ftobjs.c.
- CVE-2022-27406
* SECURITY UPDATE: Heap-based buffer overflow in ftbench demo
- debian/patches-ft2demos/CVE-2022-31782.patch: check the number of
glyphs in src/ftbench.c.
- CVE-2022-31782
-- Marc Deslauriers <email address hidden> Tue, 19 Jul 2022 12:39:11 -0400
|
Source diff to previous version |
CVE-2022-27404 |
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face. |
CVE-2022-27405 |
FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request. |
CVE-2022-27406 |
FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size. |
CVE-2022-31782 |
ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow. |
|
freetype (2.8.1-2ubuntu2.1) bionic-security; urgency=medium
* SECURITY UPDATE: heap buffer overflow via integer truncation in
Load_SBit_Png
- debian/patches-freetype/CVE-2020-15999.patch: Update
src/sfnt/pngshim.c to test and reject invalid bitmap size earlier in
Load_SBit_Png. Based on upstream patch.
- CVE-2020-15999
-- Alex Murray <email address hidden> Tue, 20 Oct 2020 12:49:06 +1030
|
|
About
-
Send Feedback to @ubuntu_updates