[Bug 613198] CVE-2010-2520 freetype: heap buffer overflow vulnerability in truetype bytecode support
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=613198
Vincent Danen <vdanen(a)redhat.com> changed:
What              |Removed |Added
----------------------------------------------------------------------------
Status            |NEW |CLOSED
Resolution        | |NOTABUG
Status Whiteboard |public=20100609,reported=20100702,source=vendorsec,impact=important,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,fedora-all/freetype=affected |public=20100609,reported=20100702,source=vendorsec,impact=important,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,fedora-all/freetype=notaffected
--- Comment #1 from Vincent Danen <vdanen(a)redhat.com> 2010-07-09 20:28:20 EDT ---
Provided we never enable truetype bytecode support (doubtful since it's
patented) this won't affect any version of freetype we ship.
Users that have rebuilt freetype with truetype bytecode support enabled will
probably want to patch this and rebuild again to get the fix, or revert to the
(supported) version of freetype as provided (with truetype bytecode support
disabled).
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
[Bug 613154] CVE-2010-2497 freetype: integer underflow vulnerability
by Red Hat Bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=613154
Vincent Danen <vdanen(a)redhat.com> changed:
What              |Removed |Added
----------------------------------------------------------------------------
Status Whiteboard |public=20100609,reported=20100702,source=vendorsec,impact=moderate,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,rhel-6/freetype=affected,fedora-all/freetype=affected |public=20100609,reported=20100702,source=vendorsec,impact=important,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,rhel-6/freetype=affected,fedora-all/freetype=affected