group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 2028863] [NEW] Denial of service via gvar table loading

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Marc Deslauriers <2028863@xxxxxxxxxxxxxxxxxx>
Date: Thu, 27 Jul 2023 13:50:56 -0000
Reply-to: Bug 2028863 <2028863@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx

*** This bug is a security vulnerability ***

Public security bug reported:

focal and earlier need this commit to prevent a DoS:

https://gitlab.freedesktop.org/freetype/freetype/-/commit/216e077600a58346bb022d8409fd82e9d914a10a

** Affects: freetype (Ubuntu)
     Importance: Undecided
         Status: Fix Released

** Affects: freetype (Ubuntu Trusty)
     Importance: Undecided
         Status: New

** Affects: freetype (Ubuntu Xenial)
     Importance: Undecided
         Status: New

** Affects: freetype (Ubuntu Bionic)
     Importance: Undecided
         Status: New

** Affects: freetype (Ubuntu Focal)
     Importance: Low
         Status: Confirmed

** Also affects: freetype (Ubuntu Bionic)
   Importance: Undecided
       Status: New

** Also affects: freetype (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Also affects: freetype (Ubuntu Focal)
   Importance: Undecided
       Status: New

** Also affects: freetype (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Changed in: freetype (Ubuntu)
       Status: New => Fix Released

** Changed in: freetype (Ubuntu Focal)
       Status: New => Confirmed

** Changed in: freetype (Ubuntu Focal)
   Importance: Undecided => Low

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/2028863

Title:
  Denial of service via gvar table loading

Status in freetype package in Ubuntu:
  Fix Released
Status in freetype source package in Trusty:
  New
Status in freetype source package in Xenial:
  New
Status in freetype source package in Bionic:
  New
Status in freetype source package in Focal:
  Confirmed

Bug description:
  focal and earlier need this commit to prevent a DoS:

  https://gitlab.freedesktop.org/freetype/freetype/-/commit/216e077600a58346bb022d8409fd82e9d914a10a

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/2028863/+subscriptions