diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/CHANGES | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/docs/CHANGES b/docs/CHANGES index cc953636..e7eebf78 100644 --- a/docs/CHANGES +++ b/docs/CHANGES @@ -2,26 +2,26 @@ CHANGES BETWEEN 2.3.9 and 2.3.8 I. IMPORTANT BUG FIXES - - Very unfortunately, FreeType 2.3.8 contained a change that - broke its official ABI. The end result is that programs compiled + - Very unfortunately, FreeType 2.3.8 contained a change that broke + its official ABI. The end result is that programs compiled against previous versions of the library, but dynamically linked - to 2.3.8 can experience memory corruption if they call the - FT_Get_PS_Font_Info() function. + to 2.3.8 can experience memory corruption if they call the + `FT_Get_PS_Font_Info' function. - We recommend all users to upgrade to 2.3.9 as soon as possible, - or to downgrade to a previous release of the library if this is + We recommend all users to upgrade to 2.3.9 as soon as possible, + or to downgrade to a previous release of the library if this is not an option. - The origin of the bug is that a new field was added to the - publicly defined PS_FontInfoRec structure. Unfortunately objects - of this type can be stack or heap allocated by callers of - FT_Get_PS_Font_Info(), resulting in a memory buffer over-write - with its implementation in 2.3.8. + The origin of the bug is that a new field was added to the + publicly defined `PS_FontInfoRec' structure. Unfortunately, + objects of this type can be stack or heap allocated by callers + of `FT_Get_PS_Font_Info', resulting in a memory buffer + overwrite with its implementation in 2.3.8. - If you want to know if your code is vulnerable to this issue, - simply search for the substrings "PS_FontInfo" and - "PS_Font_Info" in your source code. If none is found, your code - is safe and will not be affected. + If you want to know whether your code is vulnerable to this + issue, simply search for the substrings `PS_FontInfo' and + `PS_Font_Info' in your source code. If none is found, your code + is safe and is not affected. The FreeType team apologizes for the problem. |