This bug was fixed in the package freetype - 2.5.2-1ubuntu2.5
---------------
freetype (2.5.2-1ubuntu2.5) trusty-security; urgency=medium
* SECURITY UPDATE: uninitialized memory reads (LP: #1449225)
- debian/patches-freetype/savannah-bug-41309.patch: fix use of
uninitialized data in src/cid/cidload.c, src/psaux/psobjs.c,
src/type1/t1load.c, src/type42/t42parse.c.
- No CVE number
* SECURITY UPDATE: denial of service via infinite loop in parse_encode
(LP: #1492124)
- debian/patches-freetype/savannah-bug-41590.patch: protect against
invalid charcode in src/type1/t1load.c.
- No CVE number
-- Marc Deslauriers <[email protected]> Thu, 10 Sep 2015
07:09:04 -0400
** Changed in: freetype (Ubuntu Trusty)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1449225
Title:
Backport #41309 ( 8b281f83e ) to fix use of uninitialized data.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1449225/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
