[3.5] freetype: NULL pointer dereference in the Ins_GETVARIATION() function (CVE-2018-6942)
An issue was discovered in FreeType 2 through 2.9. A NULL pointer
dereference in the Ins_GETVARIATION()
function within ttinterp.c could lead to DoS via a crafted font file.
References:
https://nvd.nist.gov/vuln/detail/CVE-2018-6942
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6942
Patch:
(from redmine: issue id 8990, created on 2018-06-12, closed on 2018-06-14)
- Relations:
- copied_to #8986 (closed)
- parent #8986 (closed)
- Changesets:
- Revision 161f787a on 2018-06-13T12:36:21Z:
main/freetype: security fix (CVE-2018-6942)
Fixes #8990