Apache OpenOffice (AOO) Bugzilla – Full Text Issue Listing |
Summary: | freetype security bug (CVE-2007-2754) | ||
---|---|---|---|
Product: | utilities | Reporter: | rene |
Component: | code | Assignee: | eric.savary |
Status: | CLOSED FIXED | QA Contact: | Unknown <non-migrated> |
Severity: | Trivial | ||
Priority: | P1 (highest) | CC: | bjoern.milcke, issues, nesshof, pavel |
Version: | OOo 2.2.1 RC2 | Keywords: | security |
Target Milestone: | OOo 2.2.1 | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2754 | ||
Issue Type: | DEFECT | Latest Confirmation in: | --- |
Developer Difficulty: | --- |
Description
rene
2007-05-23 21:00:26 UTC
target 2.2.1 set keyword Hmm. I don't see ttg*.* compiled... fixed anyway (cws freetypettg) ah. no. we *are* affected. freetype does nasty things like this: $ grep ttgl * Jamfile: _sources = ttdriver ttobjs ttpload ttgload ttinterp ttgxvar ; rules.mk: $(TT_DIR)/ttgload.c \ truetype.c:#include "ttgload.c" /* glyph loader */ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ [...] note the .c . reassign for verification VERIFIED in CWS freetypettg. verified in 2.2.1 -< closed |