UbuntuUpdates.org

Package "freetype"

Name: freetype

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • FreeType 2 font engine, development documentation
  • FreeType 2 font engine, development files
  • FreeType 2 font engine, shared library files
  • FreeType 2 font engine, development files (transitional package)
Latest version: 2.10.1-2ubuntu0.4
Release: focal (20.04)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "freetype" in Focal

Repository Area Version
base main 2.10.1-2
base universe 2.10.1-2
security main 2.10.1-2ubuntu0.4
security universe 2.10.1-2ubuntu0.4
updates universe 2.10.1-2ubuntu0.4

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.10.1-2ubuntu0.4 2025-03-17 19:06:55 UTC

  freetype (2.10.1-2ubuntu0.4) focal-security; urgency=medium

  * SECURITY UPDATE: OOB write via font subglyph structures parsing
    - debian/patches/CVE-2025-27363.patch: make sure limit doesn't overflow
      in src/truetype/ttgload.c.
    - CVE-2025-27363
  * SECURITY UPDATE: DoS in gvar table loading (LP: #2028863)
    - debian/patches/lp2028863-dos.patch: add better checks for loading
      gvar table in src/truetype/ttgxvar.c.
    - No CVE number

 -- Marc Deslauriers <email address hidden> Fri, 14 Mar 2025 13:03:51 -0400
Source diff to previous version
2028863 Denial of service via gvar table loading
CVE-2025-27363 An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font sub

Version: 2.10.1-2ubuntu0.3 2023-05-09 15:07:12 UTC

  freetype (2.10.1-2ubuntu0.3) focal-security; urgency=medium

  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2023-2004.patch: fix a integer overflow
      in src/truetype/ttgxvar.c.
    - CVE-2023-2004

 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 02 May 2023 08:24:45 -0300
Source diff to previous version
CVE-2023-2004 An integer overflow vulnerability was discovered in Freetype in tt_hvadvance_adjust() function in src/truetype/ttgxvar.c.

Version: 2.10.1-2ubuntu0.2 2022-07-20 16:06:20 UTC

  freetype (2.10.1-2ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: Heap buffer overflow in sfnt_init_face
    - debian/patches/CVE-2022-27404.patch: avoid invalid face index in
      src/sfnt/sfobjs.c.
    - CVE-2022-27404
  * SECURITY UPDATE: Segmentation violation in FNT_Size_Request
    - debian/patches/CVE-2022-27405.patch: properly guard face_index in
      src/base/ftobjs.c.
    - CVE-2022-27405
  * SECURITY UPDATE: Segmentation violation in FT_Request_Size
    - debian/patches/CVE-2022-27406.patch: guard face->size in
      src/base/ftobjs.c.
    - CVE-2022-27406
  * SECURITY UPDATE: Heap-based buffer overflow in ftbench demo
    - debian/patches/CVE-2022-31782.patch: check the number of glyphs in
      ft2demos/src/ftbench.c.
    - CVE-2022-31782

 -- Marc Deslauriers <email address hidden> Tue, 19 Jul 2022 11:28:34 -0400
Source diff to previous version
CVE-2022-27404 FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.
CVE-2022-27405 FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.
CVE-2022-27406 FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.
CVE-2022-31782 ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow.

Version: 2.10.1-2ubuntu0.1 2020-10-20 12:06:23 UTC

  freetype (2.10.1-2ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflow via integer truncation in
    Load_SBit_Png
    - debian/patches/CVE-2020-15999.patch: Update src/sfnt/pngshim.c to
      test and reject invalid bitmap size earlier in Load_SBit_Png. Based on
      upstream patch.
    - CVE-2020-15999

 -- Alex Murray <email address hidden> Tue, 20 Oct 2020 12:37:23 +1030
CVE-2020-15999 RESERVED


About   -   Send Feedback to @ubuntu_updates