[Bug 684952] Re: Stack buffer overflow in BDF file parsing
Louis Simard
their allocated buffers, for many fields in the BDF file format, including
CHARSET_REGISTRY.
I have tested FontForge before and after the patch; it does not crash
predictably anymore.
** Patch added: "fix for CVE-2010-4259 crash"
https://bugs.launchpad.net/ubuntu/+source/fontforge/+bug/684952/+attachment/1754634/+files/cve-2010-4259.patch
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/684952
Title:
Stack buffer overflow in BDF file parsing
--
ubuntu-bugs mailing list
ubunt...@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Louis Simard
Louis Simard
vulnerability.
Since the package is compiled with stack smashing detection enabled, it
may not be exploitable for arbitrary code execution via this
vulnerability.
Kees Cook
** This bug has been flagged as a security vulnerability
Brian Murray
--
You received this bug notification because you are a member of Ubuntu
Review Team, which is a direct subscriber.
https://bugs.launchpad.net/bugs/684952
Title:
Stack buffer overflow in BDF file parsing
--
Ubuntu-patch-reviews mailing list
Ubuntu-pat...@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-patch-reviews
Marc Deslauriers
Status: New => Confirmed
** Changed in: fontforge (Ubuntu)
Importance: Undecided => Low
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/684952
Title:
Stack buffer overflow in BDF file parsing
--