From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH] graphite2: security bump to version 1.3.5
Date: Mon, 15 Feb 2016 22:43:55 +0100 [thread overview]
Message-ID: <20160215224355.5896546e@free-electrons.com> (raw)
In-Reply-To: <1455554749-11434-1-git-send-email-gustavo@zacarias.com.ar>
Hello,
On Mon, 15 Feb 2016 13:45:49 -0300, Gustavo Zacarias wrote:
> Fixes:
> CVE-2016-1521 - An exploitable out-of-bounds read vulnerability exists
> in the opcode handling functionality of Libgraphite. A specially crafted
> font can cause an out-of-bounds read resulting in arbitrary code
> execution. An attacker can provide a malicious font to trigger this
> vulnerability.
> CVE-2016-1522 - An exploitable NULL pointer dereference exists in the
> bidirectional font handling functionality of Libgraphite. A specially
> crafted font can cause a NULL pointer dereference resulting in a crash.
> An attacker can provide a malicious font to trigger this vulnerability.
> CVE-2016-1523 - An exploitable heap-based buffer overflow exists in the
> context item handling functionality of Libgraphite. A specially crafted
> font can cause a buffer overflow resulting in potential code execution.
> An attacker can provide a malicious font to trigger this vulnerability.
>
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
> ---
> package/graphite2/0001-disable-double-promotion.patch | 13 +++++++------
> package/graphite2/graphite2.hash | 4 ++--
> package/graphite2/graphite2.mk | 2 +-
> 3 files changed, 10 insertions(+), 9 deletions(-)
Applied, thanks.
Note that our graphite2/Config.in points to
http://sourceforge.net/projects/silgraphite/, which states:
"""
This project has been deprecated. Graphite2, a new version of the
Graphite engine, is available at: https://github.com/silnrsi/graphite
with its own bug tracker.
"""
Best regards,
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
next prev parent reply other threads:[~2016-02-15 21:43 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-15 16:45 [Buildroot] [PATCH] graphite2: security bump to version 1.3.5 Gustavo Zacarias
2016-02-15 21:43 ` Thomas Petazzoni [this message]
2016-02-16 13:32 ` Gustavo Zacarias
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160215224355.5896546e@free-electrons.com \
--to=thomas.petazzoni@free-electrons.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.