Date: Thu, 22 Jul 2010 15:45:27 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security <oss-security@...ts.openwall.com>
Cc: Werner Lemberg <wl@....org>, Marek Kasik <mkasik@...hat.com>
Subject: Another freetype-demos buffer overflow

Hello everyone,

While fixing CVE-2010-2527, one of our developers, Marek Kašík, discovered an
additional buffer overflow in the ftmulti demo program. I've assigned it
CVE-2010-2541.

There is more information in our bug:
https://bugzilla.redhat.com/show_bug.cgi?id=617342

Upstream was told and added a partial fix to their git:
http://git.savannah.gnu.org/cgit/freetype/freetype2-demos.git/commit/?id=3636982a7666bcfa0e47fb31d565314d1b3e7d78

I've attached a patch to the Red Hat bug that we're using.

Thanks.

-- 
JB