Bug 12649 - pango: CVE-2011-0020: Heap-based buffer overflow with FreeType2 backend
: pango: CVE-2011-0020: Heap-based buffer overflow with FreeType2 backend
Status: NEW
Product: Maemo 5 Community SSU
general
: testing
: N900 Maemo
: Unspecified major (vote)
: ---
Assigned To: unassigned
: general
:
:
:
:
  Show dependency tree
 
Reported: 2012-08-10 16:18 UTC by Andre Klapper
Modified: 2012-08-10 16:18 UTC (History)
0 users (show)

See Also:


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description Andre Klapper (reporter) maemo.org 2012-08-10 16:18:24 UTC
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0020

Maemo5 CSSU Testing ships
libpango1.0-0 1.24.2-0maemo5
libpango1.0-common 1.24.2-0maemo5

Looking at http://gitorious.org/community-ssu/pango the currently shipped
version is affected.

UPSTREAM TICKET:
https://bugzilla.gnome.org/show_bug.cgi?id=639882

PATCH TO BACKPOR:
http://git.gnome.org/browse/pango/commit/?id=4e6248d76f55c6184f28afe614d7d76b6fa3d455