Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

On Tue, Jul 10, 2007 at 11:11:05AM +0100, Steve Kemp wrote: > On Mon Jul 09, 2007 at 17:43:47 -0700, Steve Langasek wrote: > > > Ok, uploading. > > -- please kick this one out, I just noticed I built it with > > stable-security as the target. > I'd be happy to do that if you, or somebody else

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

On Mon Jul 09, 2007 at 17:43:47 -0700, Steve Langasek wrote: > > Ok, uploading. > > -- please kick this one out, I just noticed I built it with > stable-security as the target. I'd be happy to do that if you, or somebody else, could tell me how to do so.. > Let me know if you would like me

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

On Mon, Jul 09, 2007 at 02:21:15PM -0700, Steve Langasek wrote: > On Mon, Jul 09, 2007 at 09:38:53PM +0100, Steve Kemp wrote: > > On Mon Jul 09, 2007 at 12:43:57 -0700, Steve Langasek wrote: > > > I've uploaded a freetype 2.1.7-7 package to > > > , signe

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

On Mon, Jul 09, 2007 at 09:38:53PM +0100, Steve Kemp wrote: > On Mon Jul 09, 2007 at 12:43:57 -0700, Steve Langasek wrote: > > I've uploaded a freetype 2.1.7-7 package to > > , signed and built for sarge. > Thanks. > > Let me know if you would like

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

On Mon Jul 09, 2007 at 12:43:57 -0700, Steve Langasek wrote: > I've uploaded a freetype 2.1.7-7 package to > , signed and built for sarge. Thanks. > Let me know if you would like me to upload this to security.d.o (I promise > I'll even use the embar

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

On Sat, Jul 07, 2007 at 07:23:38PM +0200, Moritz Muehlenhoff wrote: > On May 30, 2007 at 10:59:15PM +0100, Steve Kemp wrote: > > > I haven't > > > yet looked into whether this bug affects the sarge version of the package, > > > I'll do that next (unless somebody here already knows the answer). > >

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

On Sat, Jul 07, 2007 at 07:23:38PM +0200, Moritz Muehlenhoff wrote: > On May 30, 2007 at 10:59:15PM +0100, Steve Kemp wrote: > > > I haven't > > > yet looked into whether this bug affects the sarge version of the package, > > > I'll do that next (unless somebody here already knows the answer). > >

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

On May 30, 2007 at 10:59:15PM +0100, Steve Kemp wrote: > > I haven't > > yet looked into whether this bug affects the sarge version of the package, > > I'll do that next (unless somebody here already knows the answer). > > I was under the impression that it wasn't vulnerable, but I admit > I've

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

On Wed May 30, 2007 at 06:19:29 -0700, Steve Langasek wrote: > Signed package for etch is on its way up to > right now (built with -sa, so > should indeed be ready for upload straight to security-master). Thanks a lot, Steve. > Let me know if there'

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

On Tue, May 29, 2007 at 12:15:41PM +0100, Steve Kemp wrote: > On Sun May 27, 2007 at 12:47:58 +0200, Moritz Muehlenhoff wrote: > > I guess we should fix this, it's indirectly remotely exploitable at least > > by providing someone a malformed TTF font file. As libfreetype is an > > important > > i

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

On Sun May 27, 2007 at 12:47:58 +0200, Moritz Muehlenhoff wrote: > I guess we should fix this, it's indirectly remotely exploitable at least > by providing someone a malformed TTF font file. As libfreetype is an important > infrastructure library there might also be unforeseen indirect attack > ve

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

Hi Steve, Steve Langasek wrote: > Security team, I'm not sure if this warrants a DSA; I definitely don't see > much risk of a remote exploit the way the CVE claims, I don't know of any > applications that will load untrusted truetype fonts provided remotely > across the network. If you do think a

Processed: Re: Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

Processing commands for [EMAIL PROTECTED]: > # no patch is included in this bug report > tags 425625 -patch Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype Tags were: patch security Tags removed: patch > thanks Stopping proces

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

# no patch is included in this bug report tags 425625 -patch thanks Hi Stefan, On Tue, May 22, 2007 at 11:01:51PM +0200, Stefan Fritsch wrote: > Package: libfreetype6 > Version: 2.2.1-5 > Severity: grave > Tags: security patch > Justification: user security hole > A vulnerability has been found

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

Package: libfreetype6 Version: 2.2.1-5 Severity: grave Tags: security patch Justification: user security hole A vulnerability has been found in freetype. CVE-2007-2754: "Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary