lib32-freetype2
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Font rasterization library (32-bit) |
| Version | 2.13.3-2 [multilib] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1255 | 2.10.3-1 | 2.10.4-1 | High | Fixed | |
| AVG-258 | 2.7.1-1 | 2.7.1-2 | High | Fixed | |
| AVG-252 | 2.7-2 | 2.7.1-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2020-15999 | AVG-1255 | High | Yes | Arbitrary code execution | A heap buffer overflow has been found in freetype2 before 2.10.4. Malformed TTF files with PNG sbit glyphs can cause a heap buffer overflow in Load_SBit_Png... |
| CVE-2017-8287 | AVG-258 | High | Yes | Arbitrary code execution | FreeType 2 <= 2.7.1 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. |
| CVE-2017-8105 | AVG-258 | High | Yes | Arbitrary code execution | FreeType 2 <= 2.7.1 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. |
| CVE-2016-10328 | AVG-252 | High | No | Arbitrary code execution | FreeType 2 before 2016-12-16 (2.7.1) has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c. |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 20 Oct 2020 | ASA-202010-11 | AVG-1255 | High | arbitrary code execution |
| 10 May 2017 | ASA-201705-10 | AVG-258 | High | arbitrary code execution |