Parent Directory | Revision Log
Fix 12986 adv for missing tainted package
1 | type: security |
2 | subject: Updated freetype2 packages fix security vulnerabilities |
3 | CVE: |
4 | - CVE-2014-2240 |
5 | - CVE-2014-2241 |
6 | src: |
7 | 4: |
8 | core: |
9 | - freetype2-2.5.0.1-3.1.mga4 |
10 | tainted: |
11 | - freetype2-2.5.0.1-3.1.mga4.tainted |
12 | description: | |
13 | It was reported that Freetype before 2.5.3 suffers from an out-of-bounds |
14 | stack-based read/write flaw in cf2_hintmap_build() in the CFF rasterizing |
15 | code, which could lead to a buffer overflow (CVE-2014-2240). |
16 | |
17 | It was also reported that Freetype before 2.5.3 has a denial-of-service |
18 | vulnerability in the CFF rasterizing code, due to a reachable assertion |
19 | (CVE-2014-2241). |
20 | references: |
21 | - https://bugs.mageia.org/show_bug.cgi?id=12986 |
22 | - https://bugzilla.redhat.com/show_bug.cgi?id=1074646 |
23 | - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741299 |
24 | ID: MGASA-2014-0130 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |