Public bug reported: Ubuntu 14.04's libfreetype has not been patched with the fix for [1], thus applications that use libfreetype6 are vulnerable to infinite loops. e.g. Chromium / Google Chrome. [2] If you add a small patch to apply freetype commit df14e6 [3], that should fix the problem. I verified this locally.
I have not checked other Ubuntu releases to see if they are affected. [1] http://savannah.nongnu.org/bugs/index.php?41590 [2] https://code.google.com/p/chromium/issues/detail?id=459050 [3] http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75 ** Affects: freetype (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1492124 Title: infinite loop in parse_encoding (t1load.c) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1492124/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
