CVSROOT: /cvs
Module name: xenocara
Changes by: matth...@cvs.openbsd.org 2009/04/27 01:11:17
Modified files:
lib/freetype : ChangeLog
lib/freetype/src/cff: cffload.c
lib/freetype/src/lzw: ftzopen.c
lib/freetype/src/sfnt: ttcmap.c
lib/freetype/src/smooth: ftsmooth.c
Log message:
Fixes for CVE-2009-0946 from freetype2 git repository:
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote
attackers to execute arbitrary code via vectors related to large values
in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c,
and (3) cff/cffload.c.
Plus one additional fix for malformed compressed data.
