diff options
| author | Peter Korsgaard <peter@korsgaard.com> | 2017-04-30 21:36:02 +0200 |
|---|---|---|
| committer | Thomas Petazzoni <thomas.petazzoni@free-electrons.com> | 2017-04-30 23:07:25 +0200 |
| commit | 6d557ac0133618fe4fe1d417bf584e21ef208871 (patch) | |
| tree | 2e13e2205ca363106c706fe5be29d3f74625bfa4 /package/tinyxml2 | |
| parent | c1595feb0e6defde4d890a2aaf62d158d3d04575 (diff) | |
| download | buildroot-6d557ac0133618fe4fe1d417bf584e21ef208871.tar.gz buildroot-6d557ac0133618fe4fe1d417bf584e21ef208871.zip | |
freetype: add upstream security fixes for CVE-2017-8105 and CVE-2017-8287
Add upstream post-2.7.1 commits (except for ChangeLog modifications) fixing
the following security issues:
CVE-2017-8105 - FreeType 2 before 2017-03-24 has an out-of-bounds write
caused by a heap-based buffer overflow related to the
t1_decoder_parse_charstrings function in psaux/t1decode.c.
CVE-2017-8287 - FreeType 2 before 2017-03-26 has an out-of-bounds write
caused by a heap-based buffer overflow related to the
t1_builder_close_contour function in psaux/psobjs.c.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Diffstat (limited to 'package/tinyxml2')
0 files changed, 0 insertions, 0 deletions
