Date: Thu, 20 Jan 2011 11:36:48 -0500 (EST) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: CVE request: heap corruption in libpango Please use CVE-2011-0020 for this. Thanks. -- JB ----- Original Message ----- > From Launchpad : > > "When used with FreeType2 as a backend, Pango is vulnerable to heap > corruption when rendering malformed fonts. The vulnerability occurs in > pango_ft2_font_render_box_glyph() in pango/pangoft2-render.c. A buffer > is malloc'd with size box->bitmap.rows * box->bitmap.pitch. > Subsequently, 0xff is written at offsets into this buffer without > checking that these offsets fall within the buffer's boundaries, > leading to heap corruption." > > -Dan > >  https://bugs.launchpad.net/ubuntu/+source/pango1.0/+bug/696616
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.