Date: Sat, 18 Apr 2009 09:55:39 +0000 (UTC) From: Martin Wilke <miwi@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/print/freetype2 Makefile ports/print/freetype2/files patch-src-cff_cffload.c patch-src-lzw_ftzopen.c patch-src-sfnt_ttcmap.c patch-src-smooth_ftsmooth.c Message-ID: <200904180955.n3I9tdmX000242@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
miwi 2009-04-18 09:55:39 UTC FreeBSD ports repository Modified files: print/freetype2 Makefile Added files: print/freetype2/files patch-src-cff_cffload.c patch-src-lzw_ftzopen.c patch-src-sfnt_ttcmap.c patch-src-smooth_ftsmooth.c Log: - Fix security problems Note: An integer overflow error within the "cff_charset_compute_cids()" function in cff/cffload.c can be exploited to potentially cause a heap-based buffer overflow via a specially crafted font. Multiple integer overflow errors within validation functions in sfnt/ttcmap.c can be exploited to bypass length validations and potentially cause buffer overflows via specially crafted fonts. An integer overflow error within the "ft_smooth_render_generic()" function in smooth/ftsmooth.c can be exploited to potentially cause a heap-based buffer overflow via a specially crafted font. Approved by: portmgr (pav) Obtained from: freetype git repo Security: http://www.vuxml.org/freebsd/20b4f284-2bfc-11de-bdeb-0030843d3802.html Revision Changes Path 1.85 +1 -0 ports/print/freetype2/Makefile 1.1 +47 -0 ports/print/freetype2/files/patch-src-cff_cffload.c (new) 1.1 +14 -0 ports/print/freetype2/files/patch-src-lzw_ftzopen.c (new) 1.1 +52 -0 ports/print/freetype2/files/patch-src-sfnt_ttcmap.c (new) 1.1 +27 -0 ports/print/freetype2/files/patch-src-smooth_ftsmooth.c (new)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200904180955.n3I9tdmX000242>