Information on source package fontforge

Available versions

ReleaseVersion
wheezy0.0.20120101+git-2
wheezy (security)0.0.20120101+git-2+deb7u1
jessie20120731.b-5
jessie (security)20120731.b-5+deb8u1
stretch1:20161005~dfsg-4
stretch (security)1:20161005~dfsg-4+deb9u1
buster1:20161005~dfsg-4
sid1:20161005~dfsg-4

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-11577fixedfixedfixedvulnerablevulnerableFontForge 20161012 is vulnerable to a buffer over-read in getsid ...
CVE-2017-11576fixedfixedfixedvulnerablevulnerableFontForge 20161012 does not ensure a positive size in a weight vector ...
CVE-2017-11575fixedfixedfixedvulnerablevulnerableFontForge 20161012 is vulnerable to a buffer over-read in strnmatch ...
CVE-2017-11574fixedfixedfixedvulnerablevulnerableFontForge 20161012 is vulnerable to a heap-based buffer overflow in ...
CVE-2017-11573vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableFontForge 20161012 is vulnerable to a buffer over-read in ...
CVE-2017-11572fixedfixedfixedvulnerablevulnerableFontForge 20161012 is vulnerable to a heap-based buffer over-read in ...
CVE-2017-11571fixedfixedfixedvulnerablevulnerableFontForge 20161012 is vulnerable to a stack-based buffer overflow in ...
CVE-2017-11570vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableFontForge 20161012 is vulnerable to a buffer over-read in umodenc ...
CVE-2017-11569fixedfixedfixedvulnerablevulnerableFontForge 20161012 is vulnerable to a heap-based buffer over-read in ...
CVE-2017-11568fixedfixedfixedvulnerablevulnerableFontForge 20161012 is vulnerable to a heap-based buffer over-read in ...

Resolved issues

BugDescription
CVE-2010-4259Stack-based buffer overflow in FontForge 20100501 allows remote ...

Security announcements

DSA / DLADescription
DSA-3958-1fontforge - security update
DSA-3958-1fontforge - security update
DLA-1065-1fontforge - security update
DSA-2253-1fontforge - buffer overflow

Search for package or bug name: Reporting problems