Date: Thu, 22 Oct 2020 16:19:42 +0000 From: bugzilla-noreply@freebsd.org To: desktop@FreeBSD.org Subject: [Bug 250375] [exp-run] Upgrad print/freetype2 to 2.10.3 Message-ID: <bug-250375-39348-uaOjqJCNvG@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-250375-39348@https.bugs.freebsd.org/bugzilla/> References: <bug-250375-39348@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D250375 --- Comment #15 from commit-hook@FreeBSD.org --- A commit references this bug: Author: tcberner Date: Thu Oct 22 16:19:24 UTC 2020 New revision: 552991 URL: https://svnweb.freebsd.org/changeset/ports/552991 Log: print/freetype2: Security fix release 2.10.4 From: https://sourceforge.net/projects/freetype/files/freetype2/2.10.4/" I. IMPORTANT BUG FIXES - A heap buffer overflow has been found in the handling of embedded PNG bitmaps, introduced in FreeType version 2.6. https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2020-15999 If you use option FT_CONFIG_OPTION_USE_PNG you should upgrade immediately. Partial exp-run by: antoine PR: 250375 MFH: 2020Q4 Security: CVE-2020-15999 Changes: head/print/freetype2/Makefile head/print/freetype2/distinfo head/print/freetype2/pkg-plist --=20 You are receiving this mail because: You are on the CC list for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-250375-39348-uaOjqJCNvG>