[Secure-testing-team] Bug#860307: freetype: CVE-2017-7857 CVE-2017-7858
Salvatore Bonaccorso
carnil at debian.org
Fri Apr 14 10:00:52 UTC 2017
Source: freetype
Version: 2.7.1-0.1
Severity: grave
Tags: security upstream experimental
Hi,
the following vulnerabilities were published for freetype. AFAICS
these affect only the version in experimental, so before it will
migrate at some point to unstable, fixes for those two CVEs should be
included.
CVE-2017-7857[0]:
| FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a
| heap-based buffer overflow related to the TT_Get_MM_Var function in
| truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
CVE-2017-7858[1]:
| FreeType 2 before 2017-03-07 has an out-of-bounds write related to the
| TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face
| function in sfnt/sfobjs.c.
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-7857
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7857
[1] https://security-tracker.debian.org/tracker/CVE-2017-7858
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7858
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the Secure-testing-team
mailing list