Red Hat Security Advisory: freetype security update
🔗 CVE IDs covered (14)
📋 Description
CVE-2012-1126 — freetype: heap buffer over-read in BDF parsing _bdf_is_atom() (#35597, #35598) CVE-2012-1127 — freetype: heap buffer over-read in BDF parsing _bdf_parse_glyphs() (#35599, #35600) CVE-2012-1130 — freetype: heap buffer over-read in PCF parser pcf_get_properties() (#35603) CVE-2012-1131 — freetype: incorrect type cast allowing input sanity check bypass in ft_smooth_render_generic() (#35604) CVE-2012-1132 — freetype: heap buffer over-read in Type1 parser parse_subrs() (#35606) CVE-2012-1134 — freetype: limited heap buffer overflow in Type1 parser T1_Get_Private_Dict() (#35608) CVE-2012-1136 — freetype: uninitialized pointer use in BDF parser _bdf_parse_glyphs() (#35641) CVE-2012-1137 — freetype: heap buffer off-by-one in BDF parsing _bdf_list_ensure() (#35643) CVE-2012-1139 — freetype: data buffer underflow in BDF parser _bdf_parse_glyphs() (#35656) CVE-2012-1140 — freetype: multiple buffer over-read in PS parser conversion functions (#35657) CVE-2012-1141 — freetype: BDF parser _bdf_list_split() fails to properly initialize field array (#35658) CVE-2012-1142 — freetype: incorrect computation of number of glyphs in FNT_Face_Init() for FNT/FON files (#35659) CVE-2012-1143 — freetype: integer divide by zero in FT_DivFix() (#35660) CVE-2012-1144 — freetype: insufficient checking of first outline point in TTF parser (#35689)
🔗 References (17)
- selfhttps://access.redhat.com/errata/RHSA-2012:0467
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=800581
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=800583
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=800587
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=800589
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=800590
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=800592
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=800594
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=800595
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=800598
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=800600
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=800602
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=800604
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=800606
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=800607
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_0467.json