UbuntuUpdates.org

Package "freetype2-demos"

Name: freetype2-demos

Description:

FreeType 2 demonstration programs

Latest version: 2.6.1-0.1ubuntu2.5
Release: xenial (16.04)
Level: security
Repository: universe
Head package: freetype
Homepage: http://www.freetype.org

Links


Download "freetype2-demos"


Other versions of "freetype2-demos" in Xenial

Repository Area Version
base universe 2.6.1-0.1ubuntu2
updates universe 2.6.1-0.1ubuntu2.5

Changelog

Version: 2.6.1-0.1ubuntu2.5 2020-10-20 11:07:10 UTC

  freetype (2.6.1-0.1ubuntu2.5) xenial-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflow via integer truncation in
    Load_SBit_Png
    - debian/patches-freetype/CVE-2020-15999.patch: Update
      src/sfnt/pngshim.c to test and reject invalid bitmap size earlier in
      Load_SBit_Png. Based on upstream patch.
    - CVE-2020-15999

 -- Alex Murray <email address hidden> Tue, 20 Oct 2020 12:53:06 +1030

Source diff to previous version
CVE-2020-15999 RESERVED

Version: 2.6.1-0.1ubuntu2.4 2019-09-09 19:06:59 UTC
No changelog available yet.
Source diff to previous version

Version: 2.6.1-0.1ubuntu2.3 2017-05-09 16:07:24 UTC

  freetype (2.6.1-0.1ubuntu2.3) xenial-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds write in t1_decoder_parse_charstrings
    - debian/patches-freetype/CVE-2017-8105.patch: add a check to
      src/psaux/t1decode.c.
    - CVE-2017-8105
  * SECURITY UPDATE: out-of-bounds write in t1_builder_close_contour
    - debian/patches-freetype/CVE-2017-8287.patch: add a check to
      src/psaux/psobjs.c.
    - CVE-2017-8287

 -- Marc Deslauriers <email address hidden> Thu, 04 May 2017 11:56:21 -0400

Source diff to previous version
CVE-2017-8105 FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function i
CVE-2017-8287 FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in ps

Version: 2.6.1-0.1ubuntu2.2 2017-04-21 02:07:27 UTC

  freetype (2.6.1-0.1ubuntu2.2) xenial-security; urgency=medium

  * SECURITY UPDATE: heap based buffer overflow in cff_parser_run()
    - debian/patches-freetype/CVE-2016-10328.patch: add additional check
      to parser stack size in src/cff/cffparse.c
    - CVE-2016-10328

 -- Steve Beattie <email address hidden> Wed, 19 Apr 2017 17:29:18 -0700

Source diff to previous version
CVE-2016-1032 Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to

Version: 2.6.1-0.1ubuntu2.1 2017-03-20 18:07:12 UTC

  freetype (2.6.1-0.1ubuntu2.1) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS and possible code execution via missing glyph name
    - debian/patches/CVE-2016-10244.patch: add check to src/type1/t1load.c.
    - CVE-2016-10244

 -- Marc Deslauriers <email address hidden> Thu, 16 Mar 2017 13:38:15 -0400

CVE-2016-1024 Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to



About   -   Send Feedback to @ubuntu_updates