[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVS: cvs.openbsd.org: xenocara

Module name:	xenocara
Changes by:	matthieu_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org	2009/05/01 01:48:24

Modified files:
	lib/freetype/src/cff: Tag: OPENBSD_4_5 cffload.c 
	lib/freetype/src/lzw: Tag: OPENBSD_4_5 ftzopen.c 
	lib/freetype/src/sfnt: Tag: OPENBSD_4_5 ttcmap.c 
	lib/freetype/src/smooth: Tag: OPENBSD_4_5 ftsmooth.c 

Log message:
MFC: Fixes for CVE-2009-0946 from freetype2 git repository:
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote
attackers to execute arbitrary code via vectors related to large values
in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c,
and (3) cff/cffload.c.
Plus one additional fix for malformed compressed data.

Visit your host, monkey.org