Hi;

On Fri, Jun 24, 2011 at 6:11 PM, Werner LEMBERG <w...@gnu.org> wrote:
>
> > I am trying to audit our local patches to freetype2 in openSUSE to
> > reduce the number of patches we apply. I noticed that fix for
> > CVE-2010-3311 [0] is not applied to upstream freetype source.
> > Attached is the fix for the issue with the demo CFF file.
> >
> > It would be nice to get this fixed so we can drop this patch.
> >
> > [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3311
>
> Hmm, in
>
>   https://bugzilla.redhat.com/show_bug.cgi?id=623625
>
> I read this:
>
>   Affected versions: freetype-2.3 and before that. Latest upstream
>   version (2.4) is not affected.
>
> Actually, I remember this CVE... And indeed, comment #39 says:
>
>   The following upstream commit fixes this problem in freetype 2.4.x:
>
>   commit 75787c19eab20874c5d588842c52e59cfbd9302a
>   Author: Werner Lemberg <w...@gnu.org>
>   Date: Sat Jun 26 09:24:08 2010 +0200
>
>   Add some memory checks (mainly for debugging).
>
>   * src/base/ftstream.c (FT_Stream_EnterFrame): Exit with error
>   if the frame size is larger than the stream size.
>
>   * src/base/ftsystem.c (ft_ansi_stream_io): Exit with error if
>   seeking a position larger than the stream size.
>
> :-)

Very nice, another useless patch to drop.

Thanks!
ismail
_______________________________________________
Freetype-devel mailing list
Freetype-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/freetype-devel
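The two checks named in the quoted commit message, sketched as an added example that is not part of this thread and is not FreeType's code: `demo_stream`, `demo_seek`, `demo_enter_frame` and `demo_get_u16` are hypothetical names, and the buffer in `main` is constructed. The frame check here compares against the bytes remaining after the current position, which is stricter than the stream-size comparison the commit message states.

```c
#include <stddef.h>

/* Hypothetical minimal stream; the names are not FreeType's. */
typedef struct {
    const unsigned char *base;   /* backing buffer */
    size_t size;                 /* total bytes in the stream */
    size_t pos;                  /* current read offset */
    const unsigned char *cursor; /* next byte in the active frame */
    const unsigned char *limit;  /* one past the end of the frame */
} demo_stream;

enum { DEMO_OK, DEMO_ERR_OFFSET, DEMO_ERR_FRAME };

/* Reject a seek to a position larger than the stream size. */
static int demo_seek(demo_stream *s, size_t pos) {
    if (pos > s->size)
        return DEMO_ERR_OFFSET;
    s->pos = pos;
    return DEMO_OK;
}

/* Open a frame of count bytes at the current position. Comparing against
   the bytes remaining also rejects any frame larger than the stream, and
   the subtraction form cannot wrap the way pos + count could. */
static int demo_enter_frame(demo_stream *s, size_t count) {
    if (count > s->size - s->pos)
        return DEMO_ERR_FRAME;
    s->cursor = s->base + s->pos;
    s->limit = s->cursor + count;
    s->pos += count;
    return DEMO_OK;
}

/* Read a big-endian 16-bit value, refusing to run past the frame. */
static int demo_get_u16(demo_stream *s, unsigned *out) {
    if (s->cursor == NULL || (size_t)(s->limit - s->cursor) < 2)
        return DEMO_ERR_FRAME;
    *out = ((unsigned)s->cursor[0] << 8) | s->cursor[1];
    s->cursor += 2;
    return DEMO_OK;
}

int main(void) {
    static const unsigned char buf[4] = { 0x12, 0x34, 0x56, 0x78 }; /* constructed */
    demo_stream s = { buf, sizeof buf, 0, NULL, NULL };
    unsigned v = 0;
    return !(demo_seek(&s, 2) == DEMO_OK && demo_enter_frame(&s, 8) != DEMO_OK &&
             demo_enter_frame(&s, 2) == DEMO_OK && demo_get_u16(&s, &v) == DEMO_OK);
}
```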