infinite loop in parse_encoding (t1load.c)
Bug #1492124 reported by
Lei Zhang
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| FreeType |
Unknown
|
Unknown
|
|||
| freetype (Ubuntu) |
Fix Released
|
Undecided
|
Marc Deslauriers | ||
| Precise |
Fix Released
|
Undecided
|
Marc Deslauriers | ||
| Trusty |
Fix Released
|
Undecided
|
Marc Deslauriers | ||
| Vivid |
Fix Released
|
Undecided
|
Marc Deslauriers | ||
| Wily |
Fix Released
|
Undecided
|
Marc Deslauriers | ||
Bug Description
Ubuntu 14.04's libfreetype has not been patched with the fix for [1], thus applications that use libfreetype6 are vulnerable to infinite loops. e.g. Chromium / Google Chrome. [2] If you add a small patch to apply freetype commit
df14e6 [3], that should fix the problem. I verified this locally.
I have not checked other Ubuntu releases to see if they are affected.
[1] http://
[2] https:/
[3] http://
| Changed in freetype (Ubuntu Precise): | |
| assignee: | nobody → Marc Deslauriers (mdeslaur) |
| Changed in freetype (Ubuntu Trusty): | |
| assignee: | nobody → Marc Deslauriers (mdeslaur) |
| Changed in freetype (Ubuntu Vivid): | |
| assignee: | nobody → Marc Deslauriers (mdeslaur) |
| Changed in freetype (Ubuntu Wily): | |
| assignee: | nobody → Marc Deslauriers (mdeslaur) |
| Changed in freetype (Ubuntu Precise): | |
| status: | New → Confirmed |
| Changed in freetype (Ubuntu Trusty): | |
| status: | New → Confirmed |
| Changed in freetype (Ubuntu Vivid): | |
| status: | New → Confirmed |
| Changed in freetype (Ubuntu Wily): | |
| status: | New → Confirmed |
To post a comment you must log in.

Do you know if a CVE has been assigned for this issue?
Thanks