[ubuntu/focal-updates] freetype 2.10.1-2ubuntu0.2 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Wed Jul 20 13:58:20 UTC 2022
freetype (2.10.1-2ubuntu0.2) focal-security; urgency=medium
* SECURITY UPDATE: Heap buffer overflow in sfnt_init_face
- debian/patches/CVE-2022-27404.patch: avoid invalid face index in
src/sfnt/sfobjs.c.
- CVE-2022-27404
* SECURITY UPDATE: Segmentation violation in FNT_Size_Request
- debian/patches/CVE-2022-27405.patch: properly guard face_index in
src/base/ftobjs.c.
- CVE-2022-27405
* SECURITY UPDATE: Segmentation violation in FT_Request_Size
- debian/patches/CVE-2022-27406.patch: guard face->size in
src/base/ftobjs.c.
- CVE-2022-27406
* SECURITY UPDATE: Heap-based buffer overflow in ftbench demo
- debian/patches/CVE-2022-31782.patch: check the number of glyphs in
ft2demos/src/ftbench.c.
- CVE-2022-31782
Date: 2022-07-19 16:49:09.020193+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/freetype/2.10.1-2ubuntu0.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list