Red Hat Security Advisory: freetype security update
🔗 CVE IDs covered (13)
📋 Description
CVE-2014-9657 — freetype: off-by-one buffer over-read in tt_face_load_hdmx() CVE-2014-9658 — freetype: buffer over-read and integer underflow in tt_face_load_kern() CVE-2014-9660 — freetype: missing ENDCHAR NULL pointer dereference in the _bdf_parse_glyphs() CVE-2014-9661 — freetype: out of bounds read in Type42 font parser CVE-2014-9663 — freetype: out-of-bounds read in tt_cmap4_validate() CVE-2014-9664 — freetype: off-by-one buffer over-read in parse_charstrings() / t42_parse_charstrings() CVE-2014-9667 — freetype: integer overflow in tt_face_load_font_dir() leading to out-of-bounds read CVE-2014-9669 — freetype: multiple integer overflows leading to buffer over-reads in cmap handling CVE-2014-9670 — freetype: integer overflow in pcf_get_encodings() leading to NULL pointer dereference CVE-2014-9671 — freetype: integer overflow in pcf_get_properties() leading to NULL pointer dereference CVE-2014-9673 — freetype: integer signedness error in Mac_Read_POST_Resource() leading to heap-based buffer overflow CVE-2014-9674 — freetype: multiple integer overflows Mac_Read_POST_Resource() leading to heap-based buffer overflows CVE-2014-9675 — freetype: information leak in _bdf_add_property()
🔗 References (16)
- selfhttps://access.redhat.com/errata/RHSA-2015:0696
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1191079
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1191080
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1191082
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1191083
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1191085
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1191086
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1191090
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1191092
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1191093
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1191094
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1191096
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1191190
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1191192
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_0696.json