[Secure-testing-commits] r32153 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Feb 11 07:03:39 UTC 2015
Author: carnil
Date: 2015-02-11 07:03:39 +0000 (Wed, 11 Feb 2015)
New Revision: 32153
Modified:
data/CVE/list
Log:
Add bug reference for freetype issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-02-11 06:51:52 UTC (rev 32152)
+++ data/CVE/list 2015-02-11 07:03:39 UTC (rev 32153)
@@ -157,90 +157,90 @@
CVE-2015-1483
RESERVED
CVE-2014-9675 (bdf/bdflib.c in FreeType before 2.5.4 identifies property names by ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7
NOTE: https://code.google.com/p/google-security-research/issues/detail?id=151
CVE-2014-9674 (The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=153
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e
CVE-2014-9673 (Integer signedness error in the Mac_Read_POST_Resource function in ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=154
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415
CVE-2014-9672 (Array index error in the parse_fond function in base/ftmac.c in ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=155
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=18a8f0d9943369449bc4de92d411c78fb08d616c
CVE-2014-9671 (Off-by-one error in the pcf_get_properties function in pcf/pcfread.c ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=157
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3
CVE-2014-9670 (Multiple integer signedness errors in the pcf_get_encodings function ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=158
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6
CVE-2014-9669 (Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=163
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565
CVE-2014-9668 (The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=164
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f46add13895337ece929b18bb8f036431b3fb538
CVE-2014-9667 (sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=166
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891
CVE-2014-9666 (The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=167
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439
CVE-2014-9665 (The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=168
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=54abd22891bd51ef8b533b24df53b3019b5cee81
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b3500af717010137046ec4076d1e1c0641e33727
CVE-2014-9664 (FreeType before 2.5.4 does not check for the end of the data during ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=183
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd
CVE-2014-9663 (The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=184
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1
CVE-2014-9662 (cff/cf2ft.c in FreeType before 2.5.4 does not validate the return ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=185
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5f201ab5c24cb69bc96b724fd66e739928d6c5e2
CVE-2014-9661 (type42/t42parse.c in FreeType before 2.5.4 does not consider that ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=187
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669
CVE-2014-9660 (The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=188
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab
CVE-2014-9659 (cff/cf2intrp.c in the CFF CharString interpreter in FreeType before ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
[wheezy] - freetype <not-affected> (vulnerable code not present and thus incomplete fix not applied as well)
[squeeze] - freetype <not-affected> (vulnerable code not present and thus incomplete fix not applied as well)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=190
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8
NOTE: CVE due to incomplete fix for CVE-2014-2240
CVE-2014-9658 (The tt_face_load_kern function in sfnt/ttkern.c in FreeType before ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=194
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c
CVE-2014-9657 (The tt_face_load_hdmx function in truetype/ttpload.c in FreeType ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=195
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55
CVE-2014-9656 (The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType ...)
- - freetype <unfixed>
+ - freetype <unfixed> (bug #777656)
NOTE: http://code.google.com/p/google-security-research/issues/detail?id=196
NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f0292bb9920aa1dbfed5f53861e7c7a89b35833a
CVE-2015-XXXX [cupsRasterReadPixels buffer overflow]
More information about the Secure-testing-commits
mailing list