CVE-2015-9383

Published: 03 September 2019

FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
freetype
Launchpad, Ubuntu, Debian 		Upstream
Released (2.6.3-1)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(2.8.1-2ubuntu2)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (2.6.1-0.1ubuntu2.4)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2.5.2-1ubuntu2.8+esm1)

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading