infinite loop in parse_encoding (t1load.c)
Bug #1492124 reported by Lei Zhang
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
FreeType | Unknown | Unknown | | |
freetype (Ubuntu) | Fix Released | Undecided | Marc Deslauriers | |
Precise | Fix Released | Undecided | Marc Deslauriers | |
Trusty | Fix Released | Undecided | Marc Deslauriers | |
Vivid | Fix Released | Undecided | Marc Deslauriers | |
Wily | Fix Released | Undecided | Marc Deslauriers | |
Bug Description
Ubuntu 14.04's libfreetype has not been patched with the fix for [1], thus applications that use libfreetype6 are vulnerable to infinite loops. e.g. Chromium / Google Chrome. [2] If you add a small patch to apply freetype commit df14e6 [3], that should fix the problem. I verified this locally.
I have not checked other Ubuntu releases to see if they are affected.
[1] http://
[2] https:/
[3] http://
Changed in freetype (Ubuntu Precise):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in freetype (Ubuntu Trusty):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in freetype (Ubuntu Vivid):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in freetype (Ubuntu Wily):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in freetype (Ubuntu Precise):
status: New → Confirmed
Changed in freetype (Ubuntu Trusty):
status: New → Confirmed
Changed in freetype (Ubuntu Vivid):
status: New → Confirmed
Changed in freetype (Ubuntu Wily):
status: New → Confirmed
Do you know if a CVE has been assigned for this issue?
Thanks