UbuntuUpdates.org

Package "freetype2-demos"

Name: freetype2-demos

Description:

FreeType 2 demonstration programs
Latest version: 2.5.2-1ubuntu2.8
Release: trusty (14.04)
Level: updates
Repository: universe
Head package: freetype
Homepage: http://www.freetype.org

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "freetype2-demos"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "freetype2-demos" in Trusty

Repository Area Version
base universe 2.5.2-1ubuntu2
security universe 2.5.2-1ubuntu2.8

Changelog

Version: 2.5.2-1ubuntu2.8 2017-05-09 17:06:36 UTC

  freetype (2.5.2-1ubuntu2.8) trusty-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds write in t1_decoder_parse_charstrings
    - debian/patches-freetype/CVE-2017-8105.patch: add a check to
      src/psaux/t1decode.c.
    - CVE-2017-8105
  * SECURITY UPDATE: out-of-bounds write in t1_builder_close_contour
    - debian/patches-freetype/CVE-2017-8287.patch: add a check to
      src/psaux/psobjs.c.
    - CVE-2017-8287

 -- Marc Deslauriers <email address hidden> Thu, 04 May 2017 11:57:17 -0400
Source diff to previous version
CVE-2017-8105 FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function i
CVE-2017-8287 FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in ps

Version: 2.5.2-1ubuntu2.7 2017-04-21 02:07:22 UTC

  freetype (2.5.2-1ubuntu2.7) trusty-security; urgency=medium

  * SECURITY UPDATE: heap based buffer overflow in cff_parser_run()
    - debian/patches-freetype/CVE-2016-10328.patch: add additional check
      to parser stack size in src/cff/cffparse.c
    - CVE-2016-10328

 -- Steve Beattie <email address hidden> Wed, 19 Apr 2017 09:24:10 -0700
Source diff to previous version
CVE-2016-1032 Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to

Version: 2.5.2-1ubuntu2.6 2017-03-20 19:07:00 UTC

  freetype (2.5.2-1ubuntu2.6) trusty-security; urgency=medium

  * SECURITY UPDATE: DoS and possible code execution via missing glyph name
    - debian/patches/CVE-2016-10244.patch: add check to src/type1/t1load.c.
    - CVE-2016-10244

 -- Marc Deslauriers <email address hidden> Thu, 16 Mar 2017 13:39:54 -0400
Source diff to previous version
CVE-2016-1024 Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to

Version: 2.5.2-1ubuntu2.5 2015-09-10 19:06:42 UTC

  freetype (2.5.2-1ubuntu2.5) trusty-security; urgency=medium

  * SECURITY UPDATE: uninitialized memory reads (LP: #1449225)
    - debian/patches-freetype/savannah-bug-41309.patch: fix use of
      uninitialized data in src/cid/cidload.c, src/psaux/psobjs.c,
      src/type1/t1load.c, src/type42/t42parse.c.
    - No CVE number
  * SECURITY UPDATE: denial of service via infinite loop in parse_encode
    (LP: #1492124)
    - debian/patches-freetype/savannah-bug-41590.patch: protect against
      invalid charcode in src/type1/t1load.c.
    - No CVE number

 -- Marc Deslauriers Thu, 10 Sep 2015 07:09:04 -0400
Source diff to previous version
1449225 Backport #41309 ( 8b281f83e ) to fix use of uninitialized data.
1492124 infinite loop in parse_encoding (t1load.c)

Version: 2.5.2-1ubuntu2.4 2015-03-30 01:06:31 UTC

  freetype (2.5.2-1ubuntu2.4) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible code execution via
    multiple security issues
    - debian/patches-freetype/CVE-2014-96xx/*.patch: backport a large
      quantity of upstream commits to fix multiple security issues.
    - CVE-2014-9656
    - CVE-2014-9657
    - CVE-2014-9658
    - CVE-2014-9659
    - CVE-2014-9660
    - CVE-2014-9661
    - CVE-2014-9662
    - CVE-2014-9663
    - CVE-2014-9664
    - CVE-2014-9665
    - CVE-2014-9666
    - CVE-2014-9667
    - CVE-2014-9668
    - CVE-2014-9669
    - CVE-2014-9670
    - CVE-2014-9671
    - CVE-2014-9672
    - CVE-2014-9673
    - CVE-2014-9674
    - CVE-2014-9675
 -- Marc Deslauriers <email address hidden> Tue, 24 Feb 2015 09:06:36 -0500
CVE-2014-9656 The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remot
CVE-2014-9657 The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers
CVE-2014-9658 The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to
CVE-2014-9659 cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which
CVE-2014-9660 The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attack
CVE-2014-9661 type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attacke
CVE-2014-9662 cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a deni
CVE-2014-9663 The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely cal
CVE-2014-9664 FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of servi
CVE-2014-9665 The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote at
CVE-2014-9666 The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count v
CVE-2014-9667 sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to caus
CVE-2014-9668 The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, whi
CVE-2014-9669 Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memor
CVE-2014-9670 Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a deni
CVE-2014-9671 Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (N
CVE-2014-9672 Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bo
CVE-2014-9673 Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial o
CVE-2014-9674 The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original v
CVE-2014-9675 bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers


About   -   Send Feedback to @ubuntu_updates