touch-packages team mailing list archive

[Bug 1449225] Re: Backport #41309 ( 8b281f83e ) to fix use of uninitialized data.

 

This bug was fixed in the package freetype - 2.5.2-4ubuntu1

---------------
freetype (2.5.2-4ubuntu1) wily; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - debian/patches-freetype/revert_scalable_fonts_metric.patch:
      revert commit "Fix metrics on size request for scalable fonts.",
      which breaks gtk underlining markups
    - Make libfreetype6-dev M-A: same.
    - Error out on the use of the freetype-config --libtool option.
    - Don't add multiarch libdirs for freetype-config --libs.
    - Install the freetype2/config headers into the multiarch include path
      and provide symlinks in /usr/include.
    - debian/patches-freetype/multi-thread-violations.patch: fix
      multithread violations
  * Dropped changes, included in Debian:
    - debian/patches-freetype/CVE-2014-96xx/*
  * debian/patches-freetype/savannah-bug-41309.patch: fix use of
    uninitialized data. (LP: #1449225)

freetype (2.5.2-4) unstable; urgency=medium

  * Fix Savannah bug #43774. Closes #780143.
  * Release 2.5.2-4

freetype (2.5.2-3) unstable; urgency=medium

  * Fix Savannah bug #43535. CVE-2014-9675
  * [bdf] Fix Savannah bug #41692. CVE-2014-9675-fixup-1
  * src/base/ftobj.c (Mac_Read_POST_Resource): Additional overflow check
    in the summation of POST fragment lengths. CVE-2014-0674-part-2
  * src/base/ftobjs.c (Mac_Read_POST_Resource): Insert comments and fold
    too long tracing messages. CVS-2014-9674-fixup-2
  * src/base/ftobjs.c (Mac_Read_POST_Resource): Use unsigned long variables
    to read the lengths in POST fragments. CVE-2014-9674-fixup-1
  * Fix Savannah bug #43538. CVE-2014-9674-part-1
  * Fix Savannah bug #43539. CVE-2014-9673
  * src/base/ftobjs.c (Mac_Read_POST_Resource): Avoid memory leak by
    a broken POST table in resource-fork. CVE-2014-9673-fixup
  * Fix Savannah bug #43540. CVE-2014-9672
  * Fix Savannah bug #43547. CVE-2014-9671
  * Fix Savannah bug #43548. CVE-2014-9670
  * [sfnt] Fix Savannah bug #43588. CVE-2014-9669
  * [sfnt] Fix Savannah bug #43589. CVE-2014-9668
  * [sfnt] Fix Savannah bug #43590. CVE-2014-9667
  * [sfnt] Fix Savannah bug #43591. CVE-2014-9666
  * Change some fields in `FT_Bitmap' to unsigned type. CVE-2014-9665
  * Fix uninitialized variable warning. CVE-2014-9665-fixup-2
  * Make `FT_Bitmap_Convert' correctly handle negative `pitch' values.
    CVE-2014-9665-fixup
  * [type1, type42] Fix Savannah bug #43655. CVE-2014-9664
  * [sfnt] Fix Savannah bug #43656. CVE-2014-9663
  * [cff] Fix Savannah bug #43658. CVE-2014-9662
  * [type42] Allow only embedded TrueType fonts. CVE-2014-9661
  * [bdf] Fix Savannah bug #43660. CVE-2014-9660
  * [cff] Fix Savannah bug #43661. CVE-2014-9659
  * [sfnt] Fix Savannah bug #43672. CVE-2014-9658
  * [truetype] Fix Savannah bug #43679. CVE-2014-9657
  * [sfnt] Fix Savannah bug #43680. CVE-2014-9656
  * All CVEs patched. Closes: #777656.

 -- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx>  Fri, 22 May 2015 11:03:23 -0400

** Changed in: freetype (Ubuntu Wily)
       Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-0674

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9656

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9657

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9658

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9659

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9660

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9661

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9662

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9663

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9664

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9665

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9666

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9667

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9668

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9669

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9670

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9671

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9672

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9673

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9674

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9675

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to freetype in Ubuntu.
https://bugs.launchpad.net/bugs/1449225

Title:
  Backport #41309 ( 8b281f83e ) to fix use of uninitialized data.

Status in freetype package in Ubuntu:
  Fix Released
Status in freetype source package in Precise:
  Confirmed
Status in freetype source package in Trusty:
  Confirmed
Status in freetype source package in Utopic:
  Confirmed
Status in freetype source package in Vivid:
  Confirmed
Status in freetype source package in Wily:
  Fix Released

Bug description:
  FreeType issue https://savannah.nongnu.org/bugs/?41309 was fixed with
  http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1 .
  This change is not in any of the current FreeType packages (neither
  Precise freetype 2.4.8-1ubuntu2.2 nor Trusty freetype 2.5.2-1ubuntu2.4).
  This is a fix for a few use-of-uninitialized-data bugs which were found
  by msan, and is in FreeType 2.5.3 (but comes after 2.5.2).

  This is a request to backport
  http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1
  to all currently supported packages of FreeType, as all of them appear
  to be affected. Since this fixes reads of uninitialized memory in a
  widely used package, I'm marking this as a security related issue.
