An out-of heap-based buffer read flaw was found in the way FreeType font rendering engine performed parsing of glyph information and relevant bitmaps for glyph bitmap distribution format (BDF). A remote attacker could provide a specially-crafted BDF font file, which once opened in an application linked against FreeType would lead to that application crash.
This issue affects the version of freetype as shipped with Fedora-17 and Fedora-18.
This issue affects the version of mingw-freetype as shipped with Fedora-17 and Fedora-18.
Further analyzing this issue, there seems to be an OOB write here. This flaw also affects Red Hat Enterprise Linux 5 and 6.
Created freetype tracking bugs for this issue
Affects: fedora-all [bug 903554]
Created mingw-freetype tracking bugs for this issue
Affects: fedora-all [bug 903555]
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Via RHSA-2013:0216 https://rhn.redhat.com/errata/RHSA-2013-0216.html
freetype-2.4.10-3.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
freetype-2.4.8-4.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.