lib32-freetype2

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Font rasterization library (32-bit)
Version 2.11.1-1 [multilib]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1255 2.10.3-1 2.10.4-1 High Fixed
AVG-258 2.7.1-1 2.7.1-2 High Fixed
AVG-252 2.7-2 2.7.1-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2020-15999 AVG-1255 High Yes Arbitrary code execution
A heap buffer overflow has been found in freetype2 before 2.10.4. Malformed TTF files with PNG sbit glyphs can cause a heap buffer overflow in Load_SBit_Png...
CVE-2017-8287 AVG-258 High Yes Arbitrary code execution
FreeType 2 <= 2.7.1 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.
CVE-2017-8105 AVG-258 High Yes Arbitrary code execution
FreeType 2 <= 2.7.1 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
CVE-2016-10328 AVG-252 High No Arbitrary code execution
FreeType 2 before 2016-12-16 (2.7.1) has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.

Advisories

Date Advisory Group Severity Type
20 Oct 2020 ASA-202010-11 AVG-1255 High arbitrary code execution
10 May 2017 ASA-201705-10 AVG-258 High arbitrary code execution