shithub: freetype+ttf2subf

Download patch

ref: 7752c68c50e651d76615de84db1e34f7ee1329b3
parent: 7fa5743ae67ec1e61e03f2bb86b0a662910261b8
author: Werner Lemberg <[email protected]>
date: Wed Apr 26 05:16:45 EDT 2017

Document CVE-2017-8105.

git/fs: mount .git/fs: mount/attach disallowed
--- a/docs/CHANGES
+++ b/docs/CHANGES
@@ -29,6 +29,11 @@
       now scales  the font linearly  again (bug introduced  in version
       2.4.6).
 
+    - CVE-2017-8105: Older FreeType versions has an out-of-bounds write
+      caused by a heap-based buffer overflow related to the Type 1 fonts.
+
+        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
+
 
   III. MISCELLANEOUS