SUSE: 2020:1353-1 Moderate: freetype2 NULL Pointer Issue
suse
May 20, 2020
An update that solves one vulnerability and has one errata is now available
Summary
This update for freetype2 to version 2.10.1 fixes the following issues: Security issue fixed: - CVE-2018-6942: Fixed a NULL pointer dereference within ttinerp.c (bsc#1079603). Non-security issues fixed: - Update to version 2.10.1 * The bytecode hinting of OpenType variation fonts was flawed, since the data in the `CVAR' table wasn't correctly applied. * Auto-hinter support for Mongolian. * The handling of the default character in PCF fonts as introduced in version 2.10.0 was partially broken, causing premature abortion of charmap iteration for many fonts. * If `FT_Set_Named_Instance' was called with the same arguments twice in a row, the function returned an incorrect error code the second time. * Direct rendering using FT_RASTER_FLAG_DIRECT crashed (bug introduced in version 2.10.0).
Topics Covered
References
#1079603 #1091109
Cross- CVE-2018-6942
Affected Products:
SUSE Linux Enterprise Module for Basesystem 15-SP1
https://www.suse.com/security/cve/CVE-2018-6942.html
https://bugzilla.suse.com/1079603
https://bugzilla.suse.com/1091109
PREVIOUS
NEXT
Announcement ID: SUSE-SU-2020:1353-1
Rating: moderate
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!