Bug 1035807 (CVE-2017-8105)

Summary: VUL-0: CVE-2017-8105: freetype2: FreeType 2 before 2017-03-24 has an out-of-bounds write caused by aheap-based buffer overflow relat...
Product: [Novell Products] SUSE Security Incidents Reporter: Marcus Meissner <meissner>
Component: IncidentsAssignee: Fridrich Strba <fstrba>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: astieger, fstrba, hrvoje.senjan, ismail, karol, postadal, simonizor, smash_bz
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/184202/
Whiteboard: CVSSv2:SUSE:CVE-2017-8105:5.1:(AV:N/AC:H/Au:N/C:P/I:P/A:P) CVSSv3:SUSE:CVE-2017-8105:5.6:(AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Marcus Meissner 2017-04-24 19:50:28 UTC 
CVE-2017-8105

FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a
heap-based buffer overflow related to the t1_decoder_parse_charstrings
function in psaux/t1decode.c.


References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
Comment 2 Marcus Meissner 2017-04-24 19:54:53 UTC 
even in sle11 ga
Comment 3 Andreas Stieger 2018-02-06 07:11:53 UTC 
ping... community user requested this bump for Tumbleweed in bug 1079459
Comment 4 Andreas Stieger 2018-02-06 07:30:56 UTC 
Already submitted without tracking:
https://build.opensuse.org/request/show/563247

Stuck in TW staging. Ismail could you look at the failures?
Comment 5 Karol Babioch 2018-02-06 12:27:51 UTC 
Codestreams in SLE are not affected, because they are too old. This was only introduced with 2.6.5 and fixed upstream in version 2.8.

This needs to be fixed in Factory (see bug 1079459) by bumping the version to the latest upstream version.
Comment 9 Swamp Workflow Management 2018-02-09 20:13:22 UTC 
SUSE-SU-2018:0414-1: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 1028103,1035807,1036457,1079600
CVE References: CVE-2016-10244,CVE-2017-7864,CVE-2017-8105,CVE-2017-8287
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    freetype2-2.6.3-7.15.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    freetype2-2.6.3-7.15.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    freetype2-2.6.3-7.15.1, ft2demos-2.6.3-7.15.1
SUSE Linux Enterprise Server 12-SP3 (src):    freetype2-2.6.3-7.15.1, ft2demos-2.6.3-7.15.1
SUSE Linux Enterprise Server 12-SP2 (src):    freetype2-2.6.3-7.15.1, ft2demos-2.6.3-7.15.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    freetype2-2.6.3-7.15.1, ft2demos-2.6.3-7.15.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    freetype2-2.6.3-7.15.1, ft2demos-2.6.3-7.15.1
SUSE CaaS Platform ALL (src):    freetype2-2.6.3-7.15.1
Comment 10 Swamp Workflow Management 2018-02-12 11:09:01 UTC 
openSUSE-SU-2018:0420-1: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 1028103,1035807,1036457,1079600
CVE References: CVE-2016-10244,CVE-2017-7864,CVE-2017-8105,CVE-2017-8287
Sources used:
openSUSE Leap 42.3 (src):    freetype2-2.6.3-5.3.1, ft2demos-2.6.3-5.3.1
Comment 11 Swamp Workflow Management 2018-02-16 14:07:50 UTC 
SUSE-SU-2018:0462-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1028103,1035807,1036457
CVE References: CVE-2016-10244,CVE-2017-8105,CVE-2017-8287
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    freetype2-2.3.7-25.45.5.1
SUSE Linux Enterprise Server 11-SP4 (src):    freetype2-2.3.7-25.45.5.1, ft2demos-2.3.7-25.45.5.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    freetype2-2.3.7-25.45.5.1, ft2demos-2.3.7-25.45.5.1
Comment 14 Petr Ostadal 2022-04-07 08:48:04 UTC 
fixed