[3.5] freetype: Multiple vulnerabilities (CVE-2016-10244, CVE-2017-8105, CVE-2017-8287)
CVE-2016-10244: parse_charstrings function in type1/t1load.c does not ensure that a font contains a glyph name
References:
https://nvd.nist.gov/vuln/detail/CVE-2016-10244
Patch:
CVE-2017-8105: heap-based buffer overflow related to the t1_decoder_parse_charstrings
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-8105
Patch:
CVE-2017-8287: heap-based buffer overflow related to the t1_builder_close_contour function
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-8287
Patch:
(from redmine: issue id 7267, created on 2017-05-04, closed on 2017-06-16)
- Relations:
- parent #7266 (closed)
- Changesets:
- Revision 1050b6ac by Daniel Sabogal on 2017-05-05T07:09:56Z:
main/freetype: security fixes #7267 (CVE-2017-8105, CVE-2017-8287)
CVE-2016-10244 is already fixed in this release