Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2020:4952

Опубликовано: 05 нояб. 2020
Источник: rocky
Оценка: Important

Описание

Important: freetype security update

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently.

Security Fix(es):

  • freetype: Heap-based buffer overflow due to integer truncation in Load_SBit_Png (CVE-2020-15999)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
freetypei6864.el8_3.1freetype-2.9.1-4.el8_3.1.i686.rpm
freetypex86_644.el8_3.1freetype-2.9.1-4.el8_3.1.x86_64.rpm
freetype-develi6864.el8_3.1freetype-devel-2.9.1-4.el8_3.1.i686.rpm
freetype-develx86_644.el8_3.1freetype-devel-2.9.1-4.el8_3.1.x86_64.rpm

Показывать по

Связанные CVE

CVE-2020-15999

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2020-15999

CVSS3: 9.6
ubuntu
больше 5 лет назад

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

redhat логотип

CVE-2020-15999

CVSS3: 8.6
redhat
больше 5 лет назад

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd логотип

CVE-2020-15999

CVSS3: 9.6
nvd
больше 5 лет назад

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

msrc логотип

CVE-2020-15999

CVSS3: 6.5
msrc
12 месяцев назад

Описание отсутствует

debian логотип

CVE-2020-15999

CVSS3: 9.6
debian
больше 5 лет назад

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.1 ...