FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

freetype2 -- buffer overflows

Affected packages
freetype2 < 2.8

Details

VuXML ID 4a088d67-3af2-11e7-9d75-c86000169601
Discovery 2017-05-17
Entry 2017-05-17

Werner Lemberg reports:

CVE-2017-8105, CVE-2017-8287: Older FreeType versions have out-of-bounds writes caused by heap-based buffer overflows related to Type 1 fonts.

References

CVE Name CVE-2017-8105
CVE Name CVE-2017-8287
URL http://lists.nongnu.org/archive/html/freetype-announce/2017-05/msg00000.html