Hide Forgot
An out-of heap-based buffer read flaw was found in the way FreeType font rendering engine performed parsing of glyph information and relevant bitmaps for glyph bitmap distribution format (BDF). A remote attacker could provide a specially-crafted BDF font file, which once opened in an application linked against FreeType would lead to that application crash. Upstream bug: https://savannah.nongnu.org/bugs/?37906 Patch: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d External References: http://seclists.org/oss-sec/2012/q4/511
This issue affects the version of freetype as shipped with Fedora-17 and Fedora-18. This issue affects the version of mingw-freetype as shipped with Fedora-17 and Fedora-18.
Further analyzing this issue, there seems to be an OOB write here. This flaw also affects Red Hat Enterprise Linux 5 and 6.
Created freetype tracking bugs for this issue Affects: fedora-all [bug 903554]
Created mingw-freetype tracking bugs for this issue Affects: fedora-all [bug 903555]
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Via RHSA-2013:0216 https://rhn.redhat.com/errata/RHSA-2013-0216.html
freetype-2.4.10-3.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
freetype-2.4.8-4.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.