diff options
| author | Werner Lemberg <wl@gnu.org> | 2017-04-26 09:35:39 +0200 |
|---|---|---|
| committer | Werner Lemberg <wl@gnu.org> | 2017-04-26 09:35:39 +0200 |
| commit | ba86636b14f876fa369c84467409b3b812d47e94 (patch) | |
| tree | a4e203c6d28d4e1403e19b7c8f6d9bfd25c29849 | |
| parent | 7752c68c50e651d76615de84db1e34f7ee1329b3 (diff) | |
| download | freetype2-ba86636b14f876fa369c84467409b3b812d47e94.tar.gz | |
And another CVE for an older FreeType version.
| -rw-r--r-- | docs/CHANGES | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/docs/CHANGES b/docs/CHANGES index 8ad5dfae0..d42accbe3 100644 --- a/docs/CHANGES +++ b/docs/CHANGES @@ -29,8 +29,9 @@ CHANGES BETWEEN 2.7.1 and 2.8 now scales the font linearly again (bug introduced in version 2.4.6). - - CVE-2017-8105: Older FreeType versions has an out-of-bounds write - caused by a heap-based buffer overflow related to the Type 1 fonts. + - CVE-2017-8105: Older FreeType versions has an out-of-bounds + write caused by a heap-based buffer overflow related to the Type + 1 fonts. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105 @@ -101,6 +102,12 @@ CHANGES BETWEEN 2.7 and 2.7.1 - Handling of raw CID fonts was partially broken (bug introduced in 2.6.4). + - CVE-2016-10328: Older FreeType versions had an out-of-bounds + write caused by a heap-based buffer overflow related to the CFF + fonts. + + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10328 + III. MISCELLANEOUS |