CVSROOT: /cvs
Module name: xenocara
Changes by: matth...@cvs.openbsd.org 2009/05/01 01:48:24
Modified files:
lib/freetype/src/cff: Tag: OPENBSD_4_5 cffload.c
lib/freetype/src/lzw: Tag: OPENBSD_4_5 ftzopen.c
lib/freetype/src/sfnt: Tag: OPENBSD_4_5 ttcmap.c
lib/freetype/src/smooth: Tag: OPENBSD_4_5 ftsmooth.c
Log message:
MFC: Fixes for CVE-2009-0946 from freetype2 git repository:
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote
attackers to execute arbitrary code via vectors related to large values
in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c,
and (3) cff/cffload.c.
Plus one additional fix for malformed compressed data.
