diff options
author | Lev Lamberov <dogsleg@debian.org> | 2020-10-22 12:14:22 +0500 |
---|---|---|
committer | Lev Lamberov <dogsleg@debian.org> | 2020-10-22 12:14:22 +0500 |
commit | ed1e1f09f1a02b5fb64ecaaa2d2c1ad889848e27 (patch) | |
tree | d393b841abb3872b14070a33a24fb5900ed5532d | |
parent | 11314ad4ebb78a3dc6c8d1b7804bd3b790b593a8 (diff) |
[SECURITY] [DSA 4777-1] freetype security update
-rw-r--r-- | english/security/2020/dsa-4777.data | 13 | ||||
-rw-r--r-- | english/security/2020/dsa-4777.wml | 21 |
2 files changed, 34 insertions, 0 deletions
diff --git a/english/security/2020/dsa-4777.data b/english/security/2020/dsa-4777.data new file mode 100644 index 00000000000..b564904b36f --- /dev/null +++ b/english/security/2020/dsa-4777.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4777-1 freetype</define-tag> +<define-tag report_date>2020-10-21</define-tag> +<define-tag secrefs>CVE-2020-15999 Bug#972586</define-tag> +<define-tag packages>freetype</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2020/dsa-4777.wml b/english/security/2020/dsa-4777.wml new file mode 100644 index 00000000000..01075eff149 --- /dev/null +++ b/english/security/2020/dsa-4777.wml @@ -0,0 +1,21 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Sergei Glazunov discovered a heap-based buffer overflow vulnerability in +the handling of embedded PNG bitmaps in FreeType. Opening malformed +fonts may result in denial of service or the execution of arbitrary +code.</p> + +<p>For the stable distribution (buster), this problem has been fixed in +version 2.9.1-3+deb10u2.</p> + +<p>We recommend that you upgrade your freetype packages.</p> + +<p>For the detailed security status of freetype please refer to its +security tracker page at: +<a href="https://security-tracker.debian.org/tracker/freetype">\ +https://security-tracker.debian.org/tracker/freetype</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2020/dsa-4777.data" +# $Id: $ |