FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  452262
Date:      2017-10-17
Time:      05:29:41Z
Committer: jkim

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
4a088d67-3af2-11e7-9d75-c86000169601freetype2 -- buffer overflows

Werner Lemberg reports:

CVE-2017-8105, CVE-2017-8287: Older FreeType versions have out-of-bounds writes caused by heap-based buffer overflows related to Type 1 fonts.


Discovery 2017-05-17
Entry 2017-05-17
freetype2
lt 2.8

http://lists.nongnu.org/archive/html/freetype-announce/2017-05/msg00000.html
CVE-2017-8105
CVE-2017-8287
1a0de610-a761-11e3-95fe-bcaec565249cfreetype2 -- Out of bounds read/write

Mateusz Jurczyk reports:

Out of bounds stack-based read/write in cf2_hintmap_build.

This is a critical vulnerability in the CFF Rasterizer code recently contributed by Adobe, leading to potential arbitrary code execution in the context of the FreeType2 library client.


Discovery 2014-02-25
Entry 2014-03-09
freetype2
lt 2.5.3

http://savannah.nongnu.org/bugs/?41697
567beb1e-7e0a-11e4-b9cc-bcaec565249cfreetype -- Out of bounds stack-based read/write

Werner LEMBERG reports:

The fix for CVE-2014-2240 was not 100% complete to fix the issue from the CVE completly.


Discovery 2014-12-07
Entry 2014-12-07
freetype2
lt 2.5.4

http://lists.nongnu.org/archive/html/freetype-announce/2014-12/msg00000.html
CVE-2014-2240