Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

openSUSE Leap 15.1: 2020:0704-1 Moderate: freetype2 NULL Pointer Issue

opensuse
Calendar Grey May 23, 2020
Dist Opensuse Esm H88
openSUSE Security Update: Security update for freetype2 ____________________________________________
An update that solves one vulnerability and has one errata is now available.

Description

This update for freetype2 to version 2.10.1 fixes the following issues:

Security issue fixed:

- CVE-2018-6942: Fixed a NULL pointer dereference within ttinerp.c

(bsc#1079603).

Non-security issues fixed:

- Update to version 2.10.1

* The bytecode hinting of OpenType variation fonts was flawed, since the

data in the `CVAR' table wasn't correctly applied.

* Auto-hinter support for Mongolian.

* The handling of the default character in PCF fonts as introduced in

version 2.10.0 was partially broken, causing premature abortion

of charmap iteration for many fonts.

* If `FT_Set_Named_Instance' was called with the same arguments

twice in a row, the function returned an incorrect error code the

second time.

* Direct rendering using FT_RASTER_FLAG_DIRECT crashed (bug

introduced in version 2.10.0).

* Increased precision while computing OpenType font variation

instances.

...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-704=1

Package List

- openSUSE Leap 15.1 (i586 x86_64):

freetype2-debugsource-2.10.1-lp151.4.3.1

freetype2-devel-2.10.1-lp151.4.3.1

libfreetype6-2.10.1-lp151.4.3.1

libfreetype6-debuginfo-2.10.1-lp151.4.3.1

- openSUSE Leap 15.1 (x86_64):

freetype2-devel-32bit-2.10.1-lp151.4.3.1

ft2demos-2.10.1-lp151.4.3.1

ftbench-2.10.1-lp151.4.3.1

ftdiff-2.10.1-lp151.4.3.1

ftdump-2.10.1-lp151.4.3.1

ftgamma-2.10.1-lp151.4.3.1

ftgrid-2.10.1-lp151.4.3.1

ftinspect-2.10.1-lp151.4.3.1

ftlint-2.10.1-lp151.4.3.1

ftmulti-2.10.1-lp151.4.3.1

ftstring-2.10.1-lp151.4.3.1

ftvalid-2.10.1-lp151.4.3.1

ftview-2.10.1-lp151.4.3.1

libfreetype6-32bit-2.10.1-lp151.4.3.1

libfreetype6-32bit-debuginfo-2.10.1-lp151.4.3.1

- openSUSE Leap 15.1 (noarch):

freetype2-profile-tti35-2.10.1-lp151.4.3.1

References

https://www.suse.com/security/cve/CVE-2018-6942.html

https://bugzilla.suse.com/1079603

https://bugzilla.suse.com/1091109

--

Announcement ID: openSUSE-SU-2020:0704-1
Rating: moderate
Affected Products: openSUSE Leap 15.1 le.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here