shithub: freetype+ttf2subf

Download patch

ref: e9e2e5d4601fe4474bd2cff70a2c8c6a7c7387c3
parent: 0a5315d141e698253603170595c655132d9baff2
author: Werner Lemberg <[email protected]>
date: Thu Apr 27 09:25:58 EDT 2017 

Document CVE-2017-8287.

git/fs: mount .git/fs: mount/attach disallowed 
--- a/docs/CHANGES
+++ b/docs/CHANGES
@@ -29,11 +29,12 @@
       now scales  the font linearly  again (bug introduced  in version
       2.4.6).
 
-    - CVE-2017-8105:  Older  FreeType  versions has  an  out-of-bounds
-      write caused by a heap-based buffer overflow related to the Type
-      1 fonts.
+    - CVE-2017-8105,  CVE-2017-8287:  Older   FreeType  versions  have
+      out-of-bounds  writes  caused  by  heap-based  buffer  overflows
+      related to Type 1 fonts.
 
-        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
+        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
+        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287
 
 
   III. MISCELLANEOUS