Debian Bug report logs - #972586
freetype: CVE-2020-15999: buffer overflow in Load_SBit_Png
Package: src:freetype;
Maintainer for src:freetype is Hugh McMaster <hughmcmaster@outlookcom>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 20 Oct 2020 19:09:02 UTC
Severity: grave
Tags: pending, security ...
Synopsis
Important: freetype security update
Type/Severity
Security Advisory: Important
Topic
An update for freetype is now available for Red Hat Enterprise Linux 81 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scori ...
Synopsis
Moderate: OpenShift Container Platform 4520 bug fix and golang security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 4520 is now available with updates to packages and images that fix several bugs. This release includes a security update for ...
Synopsis
Moderate: OpenShift Container Platform 4521 bug fix and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 4521 is now available with updates to packages and images that fix several bugs. This release includes a security update for opensh ...
Synopsis
Important: freetype security update
Type/Severity
Security Advisory: Important
Topic
An update for freetype is now available for Red Hat Enterprise Linux 80 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabi ...
Synopsis
Important: freetype security update
Type/Severity
Security Advisory: Important
Topic
An update for freetype is now available for Red Hat Enterprise Linux 82 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scori ...
Synopsis
Important: freetype security update
Type/Severity
Security Advisory: Important
Topic
An update for freetype is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base scor ...
Synopsis
Important: chromium-browser security update
Type/Severity
Security Advisory: Important
Topic
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability S ...
Synopsis
Important: freetype security update
Type/Severity
Security Advisory: Important
Topic
An update for freetype is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base scor ...
Multiple security issues were discovered in the Chromium web browser, which
could result in the execution of arbitrary code, denial of service
or information disclosure.
For the stable distribution (buster), these problems have been fixed in
version 870428088-04~deb10u1.
We recommend that you upgrade your chromium packages.
For the detailed sec ...
Sergei Glazunov discovered a heap-based buffer overflow vulnerability in
the handling of embedded PNG bitmaps in FreeType. Opening malformed
fonts may result in denial of service or the execution of arbitrary
code.
For the stable distribution (buster), this problem has been fixed in
version 291-3+deb10u2.
We recommend that you upgrade your freety ...
Heap buffer overflow in Freetype in Google Chrome prior to 8604240111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page (CVE-2020-15999) ...
A heap buffer overflow has been found in freetype2 before 2104. Malformed TTF files with PNG sbit glyphs can cause a heap buffer overflow in Load_SBit_Png ...
Mozilla Foundation Security Advisory 2020-50
Security Vulnerabilities fixed in Firefox 83
Announced
November 17, 2020
Impact
high
Products
Firefox
Fixed in
Firefox 83
...
Mozilla Foundation Security Advisory 2020-52
Security Vulnerabilities fixed in Thunderbird 785
Announced
November 17, 2020
Impact
high
Products
Thunderbird
Fixed in
Thunderbird 785
...
Mozilla Foundation Security Advisory 2020-51
Security Vulnerabilities fixed in Firefox ESR 785
Announced
November 17, 2020
Impact
high
Products
Firefox ESR
Fixed in
Firefox ESR 785
...
The stable channel has been updated to 8604240111 for Windows, Mac & Linux which will roll out over the coming days/weeks. A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach ...
A heap buffer overflow leading to out-of-bounds write was found in freetype. Memory allocation based on truncated PNG width and height values allows for an out-of-bounds write to occur in application memory when an attacker supplies a specially crafted TTF file (CVE-2020-15999) ...