Candidate: CVE-2017-7864
PublicDate: 2017-04-14 04:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7864
 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=509
 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699596af5c5d6f0ae0ea06e19df87dce088df8
Description:
 FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
Ubuntu-Description:
Notes:
 sbeattie> CFF2 support was introduced in 2.7.1.
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]

Patches_freetype:
upstream_freetype: released (2.7.1)
precise_freetype: not-affected (code not present)
trusty_freetype: not-affected (code not present)
trusty/esm_freetype: not-affected (code not present)
vivid/stable-phone-overlay_freetype: not-affected (code not present)
vivid/ubuntu-core_freetype: not-affected (code not present)
xenial_freetype: not-affected (code not present)
esm-infra/xenial_freetype: not-affected (code not present)
yakkety_freetype: not-affected (code not present)
zesty_freetype: not-affected (code not present)
devel_freetype: not-affected (code not present)