[ubuntu/jammy-security] freetype 2.11.1+dfsg-1ubuntu0.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Jul 20 13:09:57 UTC 2022


freetype (2.11.1+dfsg-1ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Heap buffer overflow in sfnt_init_face
    - debian/patches/CVE-2022-27404.patch: avoid invalid face index in
      src/sfnt/sfobjs.c, src/sfnt/sfwoff2.c.
    - CVE-2022-27404
  * SECURITY UPDATE: Segmentation violation in FNT_Size_Request
    - debian/patches/CVE-2022-27405.patch: properly guard face_index in
      src/base/ftobjs.c.
    - CVE-2022-27405
  * SECURITY UPDATE: Segmentation violation in FT_Request_Size
    - debian/patches/CVE-2022-27406.patch: guard face->size in
      src/base/ftobjs.c.
    - CVE-2022-27406
  * SECURITY UPDATE: Heap-based buffer overflow in ftbench demo
    - debian/patches/CVE-2022-31782.patch: check the number of glyphs in
      ft2demos/src/ftbench.c.
    - CVE-2022-31782

Date: 2022-07-19 16:49:13.746291+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/freetype/2.11.1+dfsg-1ubuntu0.1