On 2025-06-11 13:35, Simon McVittie wrote:
On Wed, 11 Jun 2025 at 12:14:36 -0400, Marc Deslauriers wrote:
On 2025-06-06 09:40, Attila Szasz wrote:
I didn't make this explicit in the video, but this works when
running as a non-sudoer user, and also on Ubuntu Server. I think
Canonical Pr
It seems I have overlooked this thread, and want to chime in.
On 2025-06-06 09:40, Attila Szasz wrote:
OTOH, is there other significant security impact? As I understood, on
Ubuntu a privileged logged in user could use this bug to obtain root.
However, is that user perhaps privileged enough to a
Hi Michel,
On 2025-03-13 22:54, Michel Lind wrote:
The fixes I'm working with both the Meta security folks and the EL
community (CentOS / AlmaLinux) can be tracked
here https://gitlab.com/redhat/centos-stream/rpms/freetype/-/merge_requests/8/diffs
I think if you're removing the 4 "phantom poin
On 2025-03-13 16:50, Vulnerability Disclosure wrote:
In the following change
+if ( FT_QNEW_ARRAY( outline.points, limit + 4 ) ||
+ FT_QNEW_ARRAY( outline.tags, limit ) ||
+ FT_QNEW_ARRAY( outline.contours, limit ) ||
+ FT_QNEW_ARRAY( unrounded,
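Review bot: In the `FT_QNEW_ARRAY( outline.points, limit + 4 )` line, the `+ 4` is added to `limit` at the call site, and nothing in the visible lines shows the type of `limit` or a range check on it, so please confirm that it is validated as non-negative and bounded before this block. The arrays are also sized inconsistently (`limit + 4` for `outline.points`, `limit` for `outline.tags` and `outline.contours`); a short comment saying which arrays carry the four extra entries and why the others do not would make the sizing reviewable. The hunk is cut off at the `unrounded` allocation, so its size cannot be checked from here.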
Hi,
On 2025-03-12 16:57, Michel Lind wrote:
Description:
An out of bounds write exists in FreeType versions 2.13.0 and below
when attempting to parse font subglyph structures related to TrueType
GX and variable font files. The vulnerable code assigns a signed short
value to an unsigned long and