Re: [ft-devel] details on iPhone exploit caused by FreeType?

freetype-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ft-devel] details on iPhone exploit caused by FreeType?

From:	Alan Coopersmith
Subject:	Re: [ft-devel] details on iPhone exploit caused by FreeType?
Date:	Thu, 28 Jul 2011 11:31:00 -0700
User-agent:	Mozilla/5.0 (X11; U; SunOS i86pc; en-US; rv:1.9.2.18) Gecko/20110704 Lightning/1.0b2 ObetStats/CATLDF_1292659975428-846018417 Thunderbird/3.1.11

I sent privately to Werner yesterday, but since the sites are public,
I guess it might as well go to the full list.

Our security team pointed me to the analysis at:
http://esec-lab.sogeti.com/post/Analysis-of-the-jailbreakme-v3-font-exploit

and that Red Hat has issued a security patch consisting of the recent
git commits to src/psaux/t1decode.c:

https://rhn.redhat.com/errata/RHSA-2011-1085.html
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0226

-- 
        -Alan Coopersmith-        address@hidden
         Oracle Solaris Platform Engineering: X Window System

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [ft-devel] details on iPhone exploit caused by FreeType?, (continued)
- Re: [ft-devel] details on iPhone exploit caused by FreeType?, Alan Coopersmith <=
  - Re: [ft-devel] details on iPhone exploit caused by FreeType?, Werner LEMBERG, 2011/07/28

Prev by Date: Re: [ft-devel] broken hinted DejaVuSans et 4
Next by Date: Re: [ft-devel] details on iPhone exploit caused by FreeType?
Previous by thread: Re: [ft-devel] details on iPhone exploit caused by FreeType?
Next by thread: Re: [ft-devel] details on iPhone exploit caused by FreeType?
Index(es):
- Date
- Thread