Parent Directory
| 
Revision Log
Fix 12986 adv for missing tainted package
| 1 | type: security |
| 2 | subject: Updated freetype2 packages fix security vulnerabilities |
| 3 | CVE: |
| 4 | - CVE-2014-2240 |
| 5 | - CVE-2014-2241 |
| 6 | src: |
| 7 | 4: |
| 8 | core: |
| 9 | - freetype2-2.5.0.1-3.1.mga4 |
| 10 | tainted: |
| 11 | - freetype2-2.5.0.1-3.1.mga4.tainted |
| 12 | description: | |
| 13 | It was reported that Freetype before 2.5.3 suffers from an out-of-bounds |
| 14 | stack-based read/write flaw in cf2_hintmap_build() in the CFF rasterizing |
| 15 | code, which could lead to a buffer overflow (CVE-2014-2240). |
| 16 | |
| 17 | It was also reported that Freetype before 2.5.3 has a denial-of-service |
| 18 | vulnerability in the CFF rasterizing code, due to a reachable assertion |
| 19 | (CVE-2014-2241). |
| 20 | references: |
| 21 | - https://bugs.mageia.org/show_bug.cgi?id=12986 |
| 22 | - https://bugzilla.redhat.com/show_bug.cgi?id=1074646 |
| 23 | - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741299 |
| 24 | ID: MGASA-2014-0130 |
| ViewVC Help | |
| Powered by ViewVC 1.1.30 |