author | Werner Lemberg <wl@gnu.org> | 2007-04-05 02:28:23 +0000 |
---|---|---|
committer | Werner Lemberg <wl@gnu.org> | 2007-04-05 02:28:23 +0000 |
commit | 9f83e055028306dac4103c14f52d7cfdf8adedcf | |
tree | 13c8ff5e0a3f81f1073770a712ce42f1effb1f76 | |
parent | 7478197e0018e12aa40f99229626d25d47ead1fe | |
* Version 2.3.3 released.
=========================
Tag sources with `VER-2-3-3'.
* docs/CHANGES: Mention CVE-2007-1351.
-rw-r--r-- | ChangeLog | 12 |
-rw-r--r-- | docs/CHANGES | 4 |
2 files changed, 15 insertions, 1 deletions
@@ -1,3 +1,13 @@ +2007-04-04 Werner Lemberg <wl@gnu.org> + + * Version 2.3.3 released. + ========================= + + + Tag sources with `VER-2-3-3'. + + * docs/CHANGES: Mention CVE-2007-1351. + 2007-04-03 David Turner <david@freetype.org> * src/base/ftobjs.c (FT_Set_Char_Size): As suggested by James Cloos, @@ -27,7 +37,7 @@ * src/bdf/bdflib.c (setsbit, sbitset): Handle values >= 128 gracefully. (_bdf_set_default_spacing): Increase `name' buffer size to 256 and - issue an error for longer names. + issue an error for longer names. This fixes CVE-2007-1351. (_bdf_parse_glyphs): Limit allowed number of glyphs in font to the number of code points in Unicode. diff --git a/docs/CHANGES b/docs/CHANGES index dc2fa25e..8b76df00 100644 --- a/docs/CHANGES +++ b/docs/CHANGES @@ -18,6 +18,10 @@ CHANGES BETWEEN 2.3.3 and 2.3.2 to 0 for mono-spaced fonts. Otherwise code that uses them would essentially ruin the fixed-advance property. + - Fix CVE-2007-1351 which can cause an integer overflow while + parsing BDF fonts, leading to a potentially exploitable heap + overflow condition. + II. MISCELLANEOUS - Fixed compilation issues on some 64-bit platforms (see ChangeLog |
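Review bot: In the ChangeLog hunk at `@@ -27,7 +37,7 @@`, the added sentence "This fixes CVE-2007-1351." is attached to the `_bdf_set_default_spacing` item (the `name' buffer enlarged to 256), while the docs/CHANGES text in this same commit describes the CVE as an integer overflow while parsing BDF fonts that leads to a heap overflow. The same entry also lists the `setsbit`/`sbitset` handling of values >= 128 and the glyph-count limit in `_bdf_parse_glyphs`, so someone tracing the CVE back to code cannot tell from these lines which change closes it. Suggest naming the function or functions explicitly in the sentence, or moving it to the end of the entry if the bdflib.c changes together make up the fix.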
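Review bot: The docs/CHANGES item added at `@@ -18,6 +18,10 @@` is appended as the last entry of its section, directly before "II. MISCELLANEOUS", and does not say where the fix lives. A potentially exploitable heap overflow is the item most readers of release notes need to see, so it should lead the section and point at src/bdf/bdflib.c, which the ChangeLog names. The wording "Fix CVE-2007-1351 which can cause an integer overflow" also makes the identifier the cause; something like "Fix an integer overflow in the BDF parser (CVE-2007-1351), which can lead to a potentially exploitable heap overflow" reads more accurately.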