From ${URL} :

The parse_charstrings function in type1/t1load.c in FreeType 2 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file.

References:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36

Upstream patch:
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1load.c?h=VER-2-7&id=a660e3de422731b94d4a134d27555430cbb6fb39

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
commit b718d16b1e7331ab125b9803d1add14b2617e0b0
Author: Lars Wendler <polynomial-c@gentoo.org>
Date: Fri Mar 10 12:40:30 2017

    media-libs/freetype: Security revbump for bug #612192.

    Package-Manager: Portage-2.3.4, Repoman-2.3.2

Arches please test and mark stable =media-libs/freetype-2.7.1-r2 with target KEYWORDS:
alpha amd64 arm ~arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt
amd64 stable
x86 stable
arm ppc ppc64 stable
Stable for HPPA.
ia64 stable
sparc stable
Stable on alpha.
Arches, Thank you for your work. New GLSA Request filed. Maintainer(s), please drop the vulnerable version(s).
Repository is clean (https://gitweb.gentoo.org/repo/gentoo.git/commit/media-libs/freetype?id=38fb3e66a91cc67dfa0274bb8b0499301222915b).
This issue was resolved and addressed in GLSA 201706-14 at https://security.gentoo.org/glsa/201706-14 by GLSA coordinator Kristian Fiskerstrand (K_F).