SUSE: Security Advisory (SUSE-SU-2015:0455-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 201408-02

Gentoo Linux Local Security Checks GLSA 201408-02 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

[slackware-security] freetype

New freetype packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/freetype-2.5.5-i486-1slack14.1.txz: Upgraded. This release fixes a security bug that could cause freetype...

Fedora Update for freetype FEDORA-2014-16840

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for freetype FEDORA-2014-16854

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 20 : mingw-freetype-2.5.4-1.fc20 (2014-17580)

Update to 2.5.4\r\n Updated subpixel rendering patch to 2.5.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Fedora 21 : mingw-freetype-2.5.4-1.fc21 (2014-17550)

Update to 2.5.4\r\n Updated subpixel rendering patch to 2.5.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Updated freetype2 packages fix security vulnerability

Updated freetype2 packages fix security vulnerability: It was reported that Freetype before 2.5.4 suffers from an out-of-bounds stack-based read/write flaw in cf2hintmapbuild in the CFF rasterizing code, which could lead to a buffer overflow. This is due to an incomplete fix for CVE-2014-2240...

FreeBSD : freetype -- Out of bounds stack-based read/write (567beb1e-7e0a-11e4-b9cc-bcaec565249c)

Werner LEMBERG reports : The fix for CVE-2014-2240 was not 100% complete to fix the issue from the CVE completly. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacque...

freetype -- Out of bounds stack-based read/write

Werner LEMBERG reports: The fix for CVE-2014-2240 was not 100% complete to fix the issue from the CVE completly...

GLSA-201408-02 : FreeType: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201408-02 FreeType: Arbitrary code execution A stack-based buffer overflow exists in Freetypes cf2hintmapbuild function in cff/cf2hints.c. Impact : A remote attacker may be able to execute arbitrary code or cause a Denial of Servi...

Fedora 19 : mingw-freetype-2.4.12-3.fc19 (2014-6833)

Fix CVE-2014-2240 and CVE-2014-2241 RHBZ 1074649 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Updated freetype2 packages fix security vulnerabilities

It was reported that Freetype before 2.5.3 suffers from an out-of-bounds stack-based read/write flaw in cf2hintmapbuild in the CFF rasterizing code, which could lead to a buffer overflow CVE-2014-2240. It was also reported that Freetype before 2.5.3 has a denial-of-service vulnerability in the CF...

CVE-2014-2240

Stack-based buffer overflow in the cf2hintmapbuild function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large number of stem hints in a font file...

CVE-2014-2240

Stack-based buffer overflow in the cf2hintmapbuild function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large number of stem hints in a font file...

CVE-2014-2240

FreeType 2.x vulnerable: CVE-2014-2240 is a stack-based buffer overflow in cf2hints.c (cf2_hintmap_build) that can crash or potentially allow arbitrary code execution via crafted OpenType fonts with many stem hints. Affects FreeType versions before 2.5.3 (per initial description). Remediation typ...