CVE-2015-9383

Published: 3 September 2019

FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c.

Priority

CVSS 3 base score: 6.5

Status

Package	Release	Status
freetype Launchpad, Ubuntu, Debian	bionic	Not vulnerable (2.8.1-2ubuntu2)
	disco	Not vulnerable
	precise	Released (2.4.8-1ubuntu2.7)
	trusty	Released (2.5.2-1ubuntu2.8+esm1)
	upstream	Released (2.6.3-1)
	xenial	Released (2.6.1-0.1ubuntu2.4)

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.