[Git][security-tracker-team/security-tracker][master] "new" freetype isue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
208d31c4 by Moritz Muehlenhoff at 2023-07-15T00:04:47+02:00
"new" freetype isue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -47807,7 +47807,11 @@ CVE-2023-21263
 CVE-2023-21262 (In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way ...)
 	NOT-FOR-US: Android
 CVE-2023-21261 (In ft_open_face_internal of ftobjs.c, there is a possible out of bound ...)
-	TODO: check
+	- freetype 2.12.0+dfsg-1
+	NOTE: https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 (VER-2-12-0)
+	NOTE: https://gitlab.freedesktop.org/freetype/freetype/-/commit/0c2bdb01a2e1d24a3e592377a6d0822856e10df2 (VER-2-12-0)
+	NOTE: https://gitlab.freedesktop.org/freetype/freetype/-/commit/d014387ad4a5dd04d8e7f99587c7dacb70261924 (VER-2-12-0) (seems Google missed that one...)
+	NOTE: https://android.googlesource.com/platform/external/freetype/+/d45f0e49ab54065eb72d92aa3cc5f2152b0910b7
 CVE-2023-21260 (In notification access permission dialog box, malicious application ca ...)
 	NOT-FOR-US: Android
 CVE-2023-21259



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/208d31c4ce311cab90b08a6465bd79177c46ae0b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/208d31c4ce311cab90b08a6465bd79177c46ae0b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230714/4fd8fd10/attachment.htm>