Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | libxcursor: Fix CVE-2017-16612 | Dan Andresan | 2018-10-26 | 2 | -0/+84 |
| | | | | | | | | | | | | libxcursor in the upstream pyro is 1.1.14 CVE: CVE-2017-16612 Reference: https://cgit.freedesktop.org/xorg/lib/libXcursor/commit/?id=4794b5dd34688158fb51a2943032569d3780c4b8 Change-Id: Ia1e81ae237e09ba67dabb0aa9426b763f1e96f8f Signed-off-by: Andreas Wellving <andreas.wellving@enea.com> Signed-off-by: Adrian Mangeac <adrian.mangeac@enea.com> | ||||
* | freetype: fix for CVE-2017-8105 | Sona Sarmadi | 2017-08-29 | 2 | -0/+82 |
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. References: ========== https://security-tracker.debian.org/tracker/CVE-2017-8105 Upstream patch: https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> |