| Errata ID | 332 |
|---|---|
| Date | 2018-04-18 |
| Source package | freetype |
| Fixed in version | 2.5.2-3+deb8u2 |
| Description | This update addresses the following issues: * CVE-2016-10244: parse_charstrings function in type1/t1load.c does not ensure that a font contains a glyph name * CVE-2017-8105: heap-based buffer overflow related to the t1_decoder_parse_charstrings * CVE-2017-8287: heap-based buffer overflow related to the t1_builder_close_contour function |
| Additional notes | |
| CVE ID | CVE-2016-10244 CVE-2017-8105 CVE-2017-8287 |
| UCS Bug number | #44574 |
