Package "freetype"
Name: |
freetype
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- FreeType 2 font engine, development documentation
- FreeType 2 font engine, development files
- FreeType 2 font engine, shared library files
- FreeType 2 font engine, development files (transitional package)
|
Latest version: |
2.11.1+dfsg-1ubuntu0.2 |
Release: |
jammy (22.04) |
Level: |
updates |
Repository: |
main |
Links
Other versions of "freetype" in Jammy
Packages in group
Deleted packages are displayed in grey.
Changelog
freetype (2.11.1+dfsg-1ubuntu0.2) jammy-security; urgency=medium
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2023-2004.patch: fix a integer overflow
in src/truetype/ttgxvar.c.
- CVE-2023-2004
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 02 May 2023 08:19:28 -0300
|
Source diff to previous version |
CVE-2023-2004 |
An integer overflow vulnerability was discovered in Freetype in tt_hvadvance_adjust() function in src/truetype/ttgxvar.c. |
|
freetype (2.11.1+dfsg-1ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: Heap buffer overflow in sfnt_init_face
- debian/patches/CVE-2022-27404.patch: avoid invalid face index in
src/sfnt/sfobjs.c, src/sfnt/sfwoff2.c.
- CVE-2022-27404
* SECURITY UPDATE: Segmentation violation in FNT_Size_Request
- debian/patches/CVE-2022-27405.patch: properly guard face_index in
src/base/ftobjs.c.
- CVE-2022-27405
* SECURITY UPDATE: Segmentation violation in FT_Request_Size
- debian/patches/CVE-2022-27406.patch: guard face->size in
src/base/ftobjs.c.
- CVE-2022-27406
* SECURITY UPDATE: Heap-based buffer overflow in ftbench demo
- debian/patches/CVE-2022-31782.patch: check the number of glyphs in
ft2demos/src/ftbench.c.
- CVE-2022-31782
-- Marc Deslauriers <email address hidden> Tue, 19 Jul 2022 11:13:32 -0400
|
CVE-2022-27404 |
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face. |
CVE-2022-27405 |
FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request. |
CVE-2022-27406 |
FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size. |
CVE-2022-31782 |
ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow. |
|
About
-
Send Feedback to @ubuntu_updates