Date: Thu, 22 Jul 2010 15:45:27 -0400 (EDT) From: Josh Bressers <bressers@...hat.com> To: oss-security <oss-security@...ts.openwall.com> Cc: Werner Lemberg <wl@....org>, Marek Kasik <mkasik@...hat.com> Subject: Another freetype-demos buffer overflow Hello everyone, While fixing CVE-2010-2527, one of our developers, Marek Kašík, discovered an additional buffer overflow in the ftmulti demo program. I've assigned it CVE-2010-2541. There is more information in our bug: https://bugzilla.redhat.com/show_bug.cgi?id=617342 Upstream was told and added a partial fix to their git: http://git.savannah.gnu.org/cgit/freetype/freetype2-demos.git/commit/?id=3636982a7666bcfa0e47fb31d565314d1b3e7d78 I've attached a patch to the Red Hat bug that we're using. Thanks. -- JB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.