Bug 12649

Summary: pango: CVE-2011-0020: Heap-based buffer overflow with FreeType2 backend
Product: [Extras] Maemo 5 Community SSU Reporter: Andre Klapper <andre_klapper>
Component: generalAssignee: unassigned <nobody>
Status: NEW QA Contact: general
Severity: major    
Priority: Unspecified    
Version: testing   
Target Milestone: ---   
Hardware: N900   
OS: Maemo   

Description Andre Klapper (reporter) maemo.org 2012-08-10 16:18:24 UTC
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0020

Maemo5 CSSU Testing ships
libpango1.0-0 1.24.2-0maemo5
libpango1.0-common 1.24.2-0maemo5

Looking at http://gitorious.org/community-ssu/pango the currently shipped
version is affected.

UPSTREAM TICKET:
https://bugzilla.gnome.org/show_bug.cgi?id=639882

PATCH TO BACKPOR:
http://git.gnome.org/browse/pango/commit/?id=4e6248d76f55c6184f28afe614d7d76b6fa3d455