AVG-258 log
Package | lib32-freetype2 |
Status | Fixed |
Severity | High |
Type | arbitrary code execution |
Affected | 2.7.1-1 |
Fixed | 2.7.1-2 |
Current | 2.13.3-2 [multilib] |
Ticket | None |
Created | Thu Apr 27 16:26:55 2017 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2017-8287 | High | Yes | Arbitrary code execution | FreeType 2 <= 2.7.1 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. |
CVE-2017-8105 | High | Yes | Arbitrary code execution | FreeType 2 <= 2.7.1 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. |
Date | Advisory | Package | Type |
---|---|---|---|
10 May 2017 | ASA-201705-10 | lib32-freetype2 | arbitrary code execution |
References |
---|
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941 |