Vulmon
<!--X-Body-Begin-->
<!--X-User-Header-->
oss-sec
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->
By Date
By Thread
</form>
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
CVE-2020-15999 fixed in FreeType 2.10.4
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->
From: Alan Coopersmith <alan.coopersmith () oracle com>
Date: Tue, 20 Oct 2020 09:49:31 -0700
<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
Before making this release, Werner said:
I've just fixed a heap buffer overflow that can happen for some
malformed `.ttf` files with PNG sbit glyphs. It seems that this
vulnerability gets already actively used in the wild, so I ask all
users to apply the corresponding commit as soon as possible.
But distros should be warned that 2.10.3 and later may break the build
of ghostscript, due to ghostscript's use of a withdrawn macro that
wasn't intended for external usage:
https://bugs.ghostscript.com/show_bug.cgi?id=702985
https://lists.nongnu.org/archive/html/freetype-devel/2020-10/msg00002.html
Ghostscript's fix for that is at:
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=41ef9a0bc36b
-Alan Coopersmith- alan.coopersmith () oracle com
Oracle Solaris Engineering - https://blogs.oracle.com/alanc
-------- Forwarded Message --------
Subject: [ft-announce] Announcing FreeType 2.10.4
Date: Tue, 20 Oct 2020 07:47:31 +0200 (CEST)
From: Werner LEMBERG <wl () gnu org>
To: freetype-announce () nongnu org, freetype-devel () nongnu org, freetype () nongnu org
FreeType 2.10.4 has been released.
It is available from
http://savannah.nongnu.org/download/freetype/
or
http://sourceforge.net/projects/freetype/files/
The latter site also holds older versions of the FreeType library.
See below for the relevant snippet from the CHANGES file.
Enjoy!
Werner
PS: Downloads from savannah.nongnu.org will redirect to your nearest
mirror site. Files on mirrors may be subject to a replication
delay of up to 24 hours. In case of problems use
http://download-mirror.savannah.gnu.org/releases/
----------------------------------------------------------------------
http://www.freetype.org
FreeType 2 is a software font engine that is designed to be small,
efficient, highly customizable, and portable while capable of
producing high-quality output (glyph images) of most vector and bitmap
font formats.
Note that FreeType 2 is a font service and doesn't provide APIs to
perform higher-level features, like text layout or graphics processing
(e.g., colored text rendering, `hollowing', etc.). However, it
greatly simplifies these tasks by providing a simple, easy to use, and
uniform interface to access the content of font files.
FreeType 2 is released under two open-source licenses: our own
BSD-like FreeType License and the GPL. It can thus be used by any
kind of projects, be they proprietary or not.
----------------------------------------------------------------------
CHANGES BETWEEN 2.10.3 and 2.10.4
I. IMPORTANT BUG FIXES
- A heap buffer overflow has been found in the handling of embedded
PNG bitmaps, introduced in FreeType version 2.6.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999
If you use option FT_CONFIG_OPTION_USE_PNG you should upgrade
immediately.
_______________________________________________
Freetype-announce mailing list
Freetype-announce () nongnu org
https://lists.nongnu.org/mailman/listinfo/freetype-announce
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->
By Date
By Thread
Current thread:
CVE-2020-15999 fixed in FreeType 2.10.4 Alan Coopersmith (Oct 20)
Re: CVE-2020-15999 fixed in FreeType 2.10.4 Werner LEMBERG (Oct 20)
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->