Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: CVE-2008-1808 FreeType off-by-one flaws Alias: CVE-2008-1808 https://bugzilla.redhat.com/show_bug.cgi?id=450774 ------- Additional Comments From [EMAIL PROTECTED] 2008-06-17 06:01 EST ------- The TTF issue affects TTF virtual machine byte code interpreter (BCI). This interpreter is disabled by default on freetype 2.x (libtruetype) due to a patent issues as described on the upstream web page: http://www.freetype.org/patents.html All Red Hat Enterprise Linux and Fedora freetype 2.x versions have BCI disabled and are not affected by the TTF part of CVE-2008-1808. Only custom rebuilds with BCI enabled may possibly be affected. Freetype 1.x (libttf) does enable BCI by default, but is explicitly disabled in freetype packages on Red Hat Enterprise Linux 3 and 4 and in freetype1 packages in all Fedora versions (via freetype-1.4-disable-ft1-bci.patch). Red Hat Enterprise Linux 5 does not ship freetype 1.x library. Freetype 1.x on Red Hat Enterprise Linux 2.1 is built with BCI enabled. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is. _______________________________________________ Fedora-fonts-bugs-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/fedora-fonts-bugs-list
