Information on source package freetype

Available versions

ReleaseVersion
squeeze, squeeze2.4.2-2.1+squeeze4
wheezy, sid2.4.9-1

Open issues

Open unimportant issues

BugDescription
CVE-2012-1126FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1127FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1128FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1129FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1130FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1131FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1132FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1135FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1137FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1138FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1139Array index error in FreeType before 2.4.9, as used in Mozilla Firefox ...
CVE-2012-1140FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1141FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1143FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...

Resolved issues

BugDescription
CVE-2006-0747Integer underflow in Freetype before 2.2 allows remote attackers to ...
CVE-2006-1861Multiple integer overflows in FreeType before 2.2 allow remote ...
CVE-2006-2661ftutil.c in Freetype before 2.2 allows remote attackers to cause a ...
CVE-2006-3467Integer overflow in FreeType before 2.2 allows remote attackers to ...
CVE-2007-1351Integer overflow in the bdfReadCharacters function in bdfread.c in (1) ...
CVE-2007-2754Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and ...
CVE-2007-3506The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType ...
CVE-2008-1806Integer overflow in FreeType2 before 2.3.6 allows context-dependent ...
CVE-2008-1807FreeType2 before 2.3.6 allow context-dependent attackers to execute ...
CVE-2008-1808Multiple off-by-one errors in FreeType2 before 2.3.6 allow ...
CVE-2009-0946Multiple integer overflows in FreeType 2.3.9 and earlier allow remote ...
CVE-2010-1797Multiple stack-based buffer overflows in the ...
CVE-2010-2497Integer underflow in glyph handling in FreeType before 2.4.0 allows ...
CVE-2010-2498The psh_glyph_find_strong_points function in pshinter/pshalgo.c in ...
CVE-2010-2499Buffer overflow in the Mac_Read_POST_Resource function in ...
CVE-2010-2500Integer overflow in the gray_render_span function in smooth/ftgrays.c ...
CVE-2010-2519Heap-based buffer overflow in the Mac_Read_POST_Resource function in ...
CVE-2010-2520Heap-based buffer overflow in the Ins_IUP function in ...
CVE-2010-2527Multiple buffer overflows in demo programs in FreeType before 2.4.0 ...
CVE-2010-2541Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType ...
CVE-2010-2805The FT_Stream_EnterFrame function in base/ftstream.c in FreeType ...
CVE-2010-2806Array index error in the t42_parse_sfnts function in type42/t42parse.c ...
CVE-2010-2807FreeType before 2.4.2 uses incorrect integer data types during bounds ...
CVE-2010-2808Buffer overflow in the Mac_Read_POST_Resource function in ...
CVE-2010-3053bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause ...
CVE-2010-3054Unspecified vulnerability in FreeType 2.3.9, and other versions before ...
CVE-2010-3311Integer overflow in base/ftstream.c in libXft (aka the X FreeType ...
CVE-2010-3814Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in ...
CVE-2010-3855Buffer overflow in the ft_var_readpackedpoints function in ...
CVE-2011-0226Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, ...
CVE-2011-3256FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before ...
CVE-2011-3439FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote ...
CVE-2012-1133FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1134FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1136FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1142FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
CVE-2012-1144FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...

Security announcements

DSADescription
DSA-2428-1freetype - several
DSA-2350-1freetype - missing input sanitising
DSA-2350-1freetype - missing input sanitising
DSA-2328-1freetype - missing input sanitising
DSA-2328-1freetype - missing input sanitising
DSA-2294-1freetype - missing input sanitization
DSA-2294-1freetype - missing input sanitization
DSA-2155-1freetype - several
DSA-2116-1freetype - integer overflow
DSA-2105-1freetype - several vulnerabilities
DSA-2070-1freetype - several vulnerabilities
DSA-1784-1freetype - arbitrary code execution
DSA-1784-1freetype - arbitrary code execution
DSA-1635-1freetype - multiple vulnerabilities
DSA-1454-1freetype - arbitrary code execution
DSA-1334-1freetype
DSA-1302-1freetype - integer overflow
DSA-1178-1freetype
DSA-1095-1freetype - integer overflows
DSA-1095-1freetype - integer overflows
Search for package or bug name: Reporting problems

Home - Testing Security Team - Debian Security - Source (SVN)