[ubuntu/bionic-security] freetype 2.8.1-2ubuntu2.2 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Jul 20 13:10:00 UTC 2022


freetype (2.8.1-2ubuntu2.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Heap buffer overflow in sfnt_init_face
    - debian/patches-freetype/CVE-2022-27404.patch: avoid invalid face
      index in src/sfnt/sfobjs.c.
    - CVE-2022-27404
  * SECURITY UPDATE: Segmentation violation in FNT_Size_Request
    - debian/patches-freetype/CVE-2022-27405.patch: properly guard
      face_index in src/base/ftobjs.c.
    - CVE-2022-27405
  * SECURITY UPDATE: Segmentation violation in FT_Request_Size
    - debian/patches-freetype/CVE-2022-27406.patch: guard face->size in
      src/base/ftobjs.c.
    - CVE-2022-27406
  * SECURITY UPDATE: Heap-based buffer overflow in ftbench demo
    - debian/patches-ft2demos/CVE-2022-31782.patch: check the number of
      glyphs in src/ftbench.c.
    - CVE-2022-31782

Date: 2022-07-19 17:04:10.775732+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/freetype/2.8.1-2ubuntu2.2
-------------- next part --------------
Sorry, changesfile not available.


More information about the Bionic-changes mailing list