VYPR

rpm package

suse/freetype2&distro=SUSE Linux Enterprise Software Development Kit 12 SP2

pkg:rpm/suse/freetype2&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2

Vulnerabilities (4)

  • CVE-2017-8287CriApr 27, 2017
    affected < 2.6.3-7.15.1fixed 2.6.3-7.15.1

    FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.

  • CVE-2017-8105CriApr 24, 2017
    affected < 2.6.3-7.15.1fixed 2.6.3-7.15.1

    FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.

  • CVE-2017-7864CriApr 14, 2017
    affected < 2.6.3-7.15.1fixed 2.6.3-7.15.1

    FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.

  • CVE-2016-10244HigMar 6, 2017
    affected < 2.6.3-7.15.1fixed 2.6.3-7.15.1

    The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file.