matthieu
4aee46235d
Security MFC for CVE-2010-3855
...
commit 59eb9f8cfe7d1df379a2318316d1f04f80fba54a
Author: Werner Lemberg <wl@gnu.org>
Date: Tue Oct 12 07:49:17 2010 +0200
Fix Savannah bug #31310 .
* src/truetype/ttgxvar.c (ft_var_readpackedpoints): Protect against
invalid `runcnt' values.
2010-11-06 16:46:57 +00:00
matthieu
625c5107a5
MFC security fix for CVE-2010-3814
...
commit 0edf0986f3be570f5bf90ff245a85c1675f5c9a4
Author: Werner Lemberg <wl@gnu.org>
Date: Wed Oct 6 11:52:27 2010 +0200
[truetype] Improve error handling of `SHZ' bytecode instruction.
Problem reported by Chris Evans <scarybeasts@gmail.com>.
* src/truetype/ttinterp.c (Ins_SHZ): Check `last_point'.
2010-11-06 16:45:49 +00:00
matthieu
bfe3d87ade
Update to freetype 2.4.3. Tested at least by krw@, ajacoutot@ and jasper@
2010-10-23 19:30:16 +00:00
matthieu
45438d0119
Update to freetype 2.4.2. This has been in snapshots for a while
...
and tested explicitely by ajacoutot@ jasper@, jcs@, krw@ and others
on various architectures.
2010-09-01 19:14:23 +00:00
matthieu
2b3e93e33b
patches from Freetype.org for the security issues found by Robert Swiecki:
...
CVE-2010-2497 freetype integer underflow
CVE-2010-2498 freetype invalid free
CVE-2010-2499 freetype buffer overflow
CVE-2010-2500 freetype integer overflow
CVE-2010-2519 freetype heap buffer overflow
CVE-2010-2520 freetype buffer overflow on heap
2010-07-17 14:06:43 +00:00
matthieu
1be5fe96c1
Update to freetpe 2.3.12. Tested against ports by naddy@.
2010-03-25 20:49:53 +00:00
matthieu
164d06ad38
Fixes for CVE-2009-0946 from freetype2 git repository:
...
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote
attackers to execute arbitrary code via vectors related to large values
in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c,
and (3) cff/cffload.c.
Plus one additional fix for malformed compressed data.
2009-04-27 07:11:16 +00:00
matthieu
8a907a311b
Update to Freetype 2.3.9.
...
Bump major to be safe.
Small arm assembler fix in ftconfig.h by drahn@
2009-03-26 07:31:44 +00:00
matthieu
87859a9c26
Update to Freetype 2.3.8. Tested by jsg@.
2009-03-10 20:28:33 +00:00
matthieu
f8e0dbd0cd
Update to Freetype 2.3.7. This is a bug fix release. No API change.
2008-08-21 05:09:08 +00:00
matthieu
6f11b80c67
Update to freetype 2.3.6.
...
Contains security fixes for CVE-2008-1806, CVE-2008-1807 and CVE-2008-1808.
Tested by many.
2008-06-22 17:37:35 +00:00
matthieu
3c28b922f5
More bits for freetype 2.3.5
2007-09-08 16:59:03 +00:00
matthieu
f4cb73c397
Merge freetype 2.3.5. Tested by naddy@ and mbalmer@.
2007-09-08 16:39:54 +00:00
matthieu
f731f6acb5
import freetype 2.3.5
2007-09-08 16:28:30 +00:00
matthieu
15235d0d22
Fix for CVE-2007-2754: integer overflow that can lead to an heap overflow.
...
Discovered by Victor Stinner. Patch from Freetype repository.
2007-05-25 01:23:29 +00:00
todd
517a55a2c5
bdf CVE-2007-1351
...
BDFFont Parsing Integer Overflow Vulnerability
The discoverer of this vulnerability wishes to remain anonymous.
from matthieu@
2007-04-04 02:51:57 +00:00
matthieu
77cb7f251b
Revert local debug stuff that wasn't meant to be committed.
2007-03-25 13:22:40 +00:00
matthieu
00a847b3f8
regen with libtool 1.5.22p9
2007-03-25 13:02:54 +00:00
matthieu
68f868c8f6
Import freetype 2.2.1
2006-11-25 18:44:16 +00:00