Bug 621951
| Summary: | FreeType: Invalid read by benchmarking certain font files | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> | ||||
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
| Status: | CLOSED NOTABUG | QA Contact: | |||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | unspecified | CC: | behdad, fonts-bugs, kevin, mkasik | ||||
| Target Milestone: | --- | Keywords: | Security | ||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2010-09-29 08:37:01 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
Jan Lieskovsky
2010-08-06 15:33:16 UTC
Created attachment 437181 [details]
Local copy of PoC font file from Robert Swiecki
This issue did NOT affect the versions of the freetype package, as shipped with Red Hat Enterprise Linux 3, 4, or 5. This issue affects the versions of the freetype package, as shipped with Fedora release of 12 and 13. For what it's worth, the attachment is not a TrueType file, it's a Type42 file (ie. TrueType in a PostScript container). This only crashes ftbench, a test application shipped with freetype. Red Hat Security Response Team does not consider this as a security issue. |