Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 16 Jul 2011 12:53:52 -0600
From: Vincent Danen <vdanen@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE request and info: freetype flaw to jailbreak iphone

I'm not sure if this has received a CVE name or not (if it did, it was
likely assigned to iOS specifically and not freetype).

It looks like the flaw used to jailbreak the iphone was in freetype's
PS type1 font handling.

I've taken a quick look, but am by no means a C guy, but the code paths
are different in freetype 2.2.x and it looks as thought 2.3.11 at least
(so perhaps all of 2.3.x?) is affected.  The Secunia report indicates
2.4.5 and possibly older versions.

References:

https://bugzilla.redhat.com/show_bug.cgi?id=722701
http://secunia.com/advisories/45167
http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00014.html
http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00015.html

-- 
Vincent Danen / Red Hat Security Response Team 

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.