| Summary: | freetype2 security vulnerability (CVE-2017-8287) | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Zombie Ryushu <zombie_ryushu> |
| Component: | RPM Packages | Assignee: | Mageia Bug Squad <bugsquad> |
| Status: | RESOLVED DUPLICATE | QA Contact: | |
| Severity: | normal | ||
| Priority: | Normal | CC: | marja11 |
| Version: | Cauldron | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://www.linuxsecurity.com/content/view/171507/170/ | ||
| Whiteboard: | |||
| Source RPM: | freetype | CVE: | |
| Status comment: | |||
Already fixed: Name : freetype2 Relocations: (not relocatable) Version : 2.7.1 Vendor: Mageia.Org Release : 2.mga6.tainted Build Date: Sat 29 Apr 2017 11:21:23 PM CEST luigiwalser <luigiwalser> 2.7.1-2.mga6: + Revision: 1098077 - add upstream patches to fix CVE-2017-8105 and CVE-2017-8287 *** This bug has been marked as a duplicate of bug 20720 *** Status:
NEW =>
RESOLVED |
[slackware-security] freetype (SSA:2017-136-01) New freetype packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/freetype-2.6.3-i586-2_slack14.2.txz: Rebuilt. This update fixes an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287 (* Security fix *) +--------------------------+ Where to find the new packages: +-----