https://bugzilla.redhat.com/show_bug.cgi?id=1191084
Tomas Hoger <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|medium |high Status|NEW |CLOSED Fixed In Version| |freetype 2.5.4 Resolution|--- |NOTABUG Whiteboard|impact=moderate,public=2014 |impact=important,public=201 |1124,reported=20150210,sour |41124,reported=20150210,sou |ce=cve,cvss2=3.7/AV:L/AC:H/ |rce=cve,cvss2=6.8/AV:N/AC:M |Au:N/C:P/I:P/A:P,fedora-all |/Au:N/C:P/I:P/A:P,cwe=CWE-1 |/freetype=affected,rhel-5/f |22,rhel-4/freetype=notaffec |reetype=new,rhel-6/freetype |ted,rhel-5/freetype=notaffe |=new,rhel-7/freetype=new |cted,rhel-6/freetype=notaff | |ected,rhel-7/freetype=notaf | |fected,rhev-m-3/mingw-virt- | |viewer=notaffected,fedora-a | |ll/freetype=affected,fedora | |-all/mingw-freetype=affecte | |d,epel-7/mingw-freetype=aff | |ected Severity|medium |high Last Closed| |2015-02-20 08:05:23 --- Comment #4 from Tomas Hoger <[email protected]> --- Upstream bug is: https://savannah.nongnu.org/bugs/?43658 Issue was fixed upstream in 2.5.4. The CFF parsing code affected by this issue was only introduced in upstream version 2.4.12, and enabled by default in 2.5. The affected code is not in freetype packages in Red Hat Enterprise Linux 7 and earlier, which are based on earlier upstream versions. Statement: Not vulnerable. This issue did not affect the versions of freetype as shipped with Red Hat Enterprise Linux 5, 6 and 7. -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=SqchprDmsL&a=cc_unsubscribe _______________________________________________ fonts-bugs mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/fonts-bugs http://fonts.fedoraproject.org/
