Advisories » MGASA-2017-0085

Updated freetype2 packages fix security vulnerability

Publication date: 25 Mar 2017
Modification date: 25 Mar 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-10244

Description

The parse_charstrings function in type1/t1load.c in FreeType 2 did not
ensure that a font contains a glyph name, which could allow remote
attackers to cause a denial of service (heap-based buffer over-read) or
possibly have unspecified other impact via a crafted file
(CVE-2016-10244).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=20465
• https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36
• http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1load.c?h=VER-2-7&id=a660e3de422731b94d4a134d27555430cbb6fb39
• https://www.cve.org/CVERecord?id=CVE-2016-10244

SRPMS

5/core

• freetype2-2.5.4-2.1.mga5

5/tainted

• freetype2-2.5.4-2.1.mga5.tainted