[Bug 1079601] New: VUL-1: freetype2: Protection against invalid VF data
http://bugzilla.suse.com/show_bug.cgi?id=1079601 Bug ID: 1079601 Summary: VUL-1: freetype2: Protection against invalid VF data Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.3 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: fstrba@suse.com Reporter: kbabioch@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- There is an upstream commit handling invalid VF data more safely. This should be applied to our product, since there is no new release of freetype2. References: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5739 https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/truetype... -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1079601
Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1079601
http://bugzilla.suse.com/show_bug.cgi?id=1079601#c2
--- Comment #2 from Swamp Workflow Management
http://bugzilla.suse.com/show_bug.cgi?id=1079601
http://bugzilla.suse.com/show_bug.cgi?id=1079601#c5
Tomáš Chvátal
http://bugzilla.suse.com/show_bug.cgi?id=1079601
http://bugzilla.suse.com/show_bug.cgi?id=1079601#c6
--- Comment #6 from Marcus Meissner
participants (1)
-
bugzilla_noreply@novell.com