| Summary: | freetype2 new security issue CVE-2022-31782 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | Normal | CC: | andrewsfarm, davidwhodgins, nicolas.salguero, sysadmin-bugs |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK | ||
| Source RPM: | freetype2-2.10.4-2.1.mga8(.tainted).src.rpm | CVE: | CVE-2022-31782 |
| Status comment: | |||
|
Description
David Walser
2022-07-21 16:38:46 CEST
David Walser
2022-07-21 16:39:03 CEST
Status comment:
(none) =>
Patches available from upstream and Ubuntu Assigning to you, Stig, as you did all the more recent 'freetype2' version updates. This may be more complicated. Assignee:
bugsquad =>
smelror Suggested advisory: ======================== The updated packages fix a security vulnerability: ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow. (CVE-2022-31782) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31782 https://ubuntu.com/security/notices/USN-5528-1 ======================== Updated packages in core/updates_testing: ======================== freetype2-demos-2.10.4-2.2.mga8 lib(64)freetype6-2.10.4-2.2.mga8 lib(64)freetype2-devel-2.10.4-2.2.mga8 from SRPM: freetype2-2.10.4-2.2.mga8.src.rpm Updated packages in tainted/updates_testing: ======================== freetype2-demos-2.10.4-2.2.mga8.tainted lib(64)freetype6-2.10.4-2.2.mga8.tainted lib(64)freetype2-devel-2.10.4-2.2.mga8.tainted from SRPM: freetype2-2.10.4-2.2.mga8.tainted.src.rpm Source RPM:
freetype2-2.12.1-1.mga9.src.rpm =>
freetype2-2.10.4-2.1.mga8(.tainted).src.rpm No installation issues for core version. Downloaded a free Freetype font, and extracted it. It came up as belonging to root, so as root I ran ftbench with it: [root@localhost ~]# ftbench /home/tom/CuteEasterPersonalUse-Wy8nV.ttf ftbench results for font `/home/tom/CuteEasterPersonalUse-Wy8nV.ttf' -------------------------------------------------------------------- family: Cute Easter - Personal Use style: Regular number of seconds for each test: 2.000000 glyph indices: from 0 to 236 face size: 10ppem font preloading into memory: no load flags: 0x0 render mode: 0 CFF hinting engine set to `adobe' TrueType interpreter set to version 40 maximum cache size: 1024KiByte executing tests: Load 23.863 us/op 83898 done Load_Advances (Normal) 23.725 us/op 84372 done Load_Advances (Fast) 0.074 us/op 24354594 done Load_Advances (Unscaled) 0.054 us/op 32275134 done Render 12.409 us/op 52614 done Get_Glyph 2.132 us/op 73470 done Get_Char_Index 0.069 us/op 26303919 done Iterate CMap 9.195 us/op 186250 done New_Face 47.047 us/op 40852 done Embolden 14.187 us/op 51192 done Stroke 187.129 us/op 9480 done Get_BBox 3.464 us/op 65649 done Get_CBox 1.301 us/op 71811 done New_Face & load glyph(s) 21.598 us/op 92667 done Results from the tainted version were identical. Giving this an OK, and validating. Advisory in Comment 2. Whiteboard:
(none) =>
MGA8-64-OK
Dave Hodgins
2022-08-24 22:57:17 CEST
Keywords:
(none) =>
advisory An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0297.html Status:
NEW =>
RESOLVED |