https://bugzilla.redhat.com/show_bug.cgi?id=1544771

            Bug ID: 1544771
           Summary: CVE-2018-6942 freetype: NULL pointer dereference in
                    the Ins_GETVARIATION() function
           Product: Security Response
         Component: vulnerability
          Keywords: Security
          Severity: low
          Priority: low
          Assignee: security-response-t...@redhat.com
          Reporter: ane...@redhat.com
                CC: a...@redhat.com, al...@redhat.com,
                    fonts-bugs@lists.fedoraproject.org,
                    john.j5l...@gmail.com, ke...@tigcc.ticalc.org,
                    mbar...@fastmail.com, mcla...@redhat.com,
                    mka...@redhat.com, rhug...@redhat.com,
                    rstr...@redhat.com, sandm...@redhat.com




An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference
in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a
crafted font file.

Upstream patch:

https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
fonts-bugs mailing list -- fonts-bugs@lists.fedoraproject.org
To unsubscribe send an email to fonts-bugs-le...@lists.fedoraproject.org

Reply via email to