maintainer-feedback requested: [Bug 227568] print/freetype2: Apply upstream fix for CVE-2018-6942 (v2.9)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Apr 17 01:42:20 UTC 2018
Bugzilla Automation <bugzilla at FreeBSD.org> has asked freebsd-gnome mailing list
<gnome at FreeBSD.org> for maintainer-feedback:
Bug 227568: print/freetype2: Apply upstream fix for CVE-2018-6942 (v2.9)
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=227568
--- Description ---
Patch for print/freetype2 port with upstream fix for CVE-2018-6942:
"An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference
in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a
crafted font file."
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6942
https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e3
05ec428703c9a5831d0b1fc3497ef
Based on message about CVE-2018-6942 in docs/CHANGES file:
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=632a11f91f0d
932ac498e9e6ca022c9903ab05e9
More information about the freebsd-gnome
mailing list