summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorWerner Lemberg <wl@gnu.org>2007-04-05 02:28:23 +0000
committerWerner Lemberg <wl@gnu.org>2007-04-05 02:28:23 +0000
commit9f83e055028306dac4103c14f52d7cfdf8adedcf (patch)
tree13c8ff5e0a3f81f1073770a712ce42f1effb1f76
parent7478197e0018e12aa40f99229626d25d47ead1fe (diff)
* Version 2.3.3 released.VER-2-3-3
========================= Tag sources with `VER-2-3-3'. * docs/CHANGES: Mention CVE-2007-1351.
Diffstat
-rw-r--r--ChangeLog12
-rw-r--r--docs/CHANGES4
2 files changed, 15 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index c15c2aa0..f356f81e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2007-04-04 Werner Lemberg <wl@gnu.org>
+
+ * Version 2.3.3 released.
+ =========================
+
+
+ Tag sources with `VER-2-3-3'.
+
+ * docs/CHANGES: Mention CVE-2007-1351.
+
2007-04-03 David Turner <david@freetype.org>
* src/base/ftobjs.c (FT_Set_Char_Size): As suggested by James Cloos,
@@ -27,7 +37,7 @@
* src/bdf/bdflib.c (setsbit, sbitset): Handle values >= 128
gracefully.
(_bdf_set_default_spacing): Increase `name' buffer size to 256 and
- issue an error for longer names.
+ issue an error for longer names. This fixes CVE-2007-1351.
(_bdf_parse_glyphs): Limit allowed number of glyphs in font to the
number of code points in Unicode.
diff --git a/docs/CHANGES b/docs/CHANGES
index dc2fa25e..8b76df00 100644
--- a/docs/CHANGES
+++ b/docs/CHANGES
@@ -18,6 +18,10 @@ CHANGES BETWEEN 2.3.3 and 2.3.2
to 0 for mono-spaced fonts. Otherwise code that uses them would
essentially ruin the fixed-advance property.
+ - Fix CVE-2007-1351 which can cause an integer overflow while
+ parsing BDF fonts, leading to a potentially exploitable heap
+ overflow condition.
+
II. MISCELLANEOUS
- Fixed compilation issues on some 64-bit platforms (see ChangeLog
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-29 04:24:17 +0000