Source: freetype Version: 2.8.1-1 Severity: important Tags: security upstream
Hi, the following vulnerability was published for freetype. CVE-2018-6942[0]: | An issue was discovered in FreeType 2 through 2.9. A NULL pointer | dereference in the Ins_GETVARIATION() function within ttinterp.c could | lead to DoS via a crafted font file. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-6942 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6942 [1] https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef Please adjust the affected versions in the BTS as needed. Regards, Salvatore
