freetype: update to 2.4.11 which includes fixes for CVE-2012-{5668, 5669, 5670} - linux/poky.git

diff options

author	Eren Türkay <eren@hambedded.org>	2012-12-28 01:00:00 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2012-12-31 09:43:27 +0000
commit	09359e6ec00901abfe49157f1f9730117b4d284b (patch)
tree	d1cd22cbaf34dd341908e5ea85deb2f743671af8 /meta-hob
parent	4b5705c426743e812d6da25ff37c335e073bfb12 (diff)
download	poky-09359e6ec00901abfe49157f1f9730117b4d284b.tar.gz

freetype: update to 2.4.11 which includes fixes for CVE-2012-{5668, 5669, 5670}

Multiple security issues were reported by Mateusz Jurczyk of Google security team. These have been fixed in freetype 2.4.11. Details are as follows. * CVE-2012-5668: NULL Pointer Dereference in bdf_free_font Bug: https://savannah.nongnu.org/bugs/?37905 Patch: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9b6b5754b57c12b820e01305eb69b8863a161e5a * CVE-2012-5669: Out-of-bounds read in _bdf_parse_glyphs Bug: https://savannah.nongnu.org/bugs/?37906 Patch: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d * CVE-2012-5670: Out-of-bounds write in _bdf_parse_glyphs Bug: https://savannah.nongnu.org/bugs/?37907 Patch: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7f2e4f4f553f6836be7683f66226afac3fa979b8 For original e-mail and CVE assignment, see the following URLs: http://www.openwall.com/lists/oss-security/2012/12/25/1 http://www.openwall.com/lists/oss-security/2012/12/25/2 (From OE-Core rev: b693f6d3d48b281fbbf71fd56996c85e23c3a9c9) Signed-off-by: Eren Türkay <eren@hambedded.org> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta-hob')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: