oss-sec mailing list archives
CVE request and info: freetype flaw to jailbreak iphone
From: Vincent Danen <vdanen () redhat com>
Date: Sat, 16 Jul 2011 12:53:52 -0600
I'm not sure if this has received a CVE name or not (if it did, it was likely assigned to iOS specifically and not freetype). It looks like the flaw used to jailbreak the iphone was in freetype's PS type1 font handling. I've taken a quick look, but am by no means a C guy, but the code paths are different in freetype 2.2.x and it looks as thought 2.3.11 at least (so perhaps all of 2.3.x?) is affected. The Secunia report indicates 2.4.5 and possibly older versions. References: https://bugzilla.redhat.com/show_bug.cgi?id=722701 http://secunia.com/advisories/45167 http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00014.html http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00015.html --Vincent Danen / Red Hat Security Response Team
Current thread:
- CVE request and info: freetype flaw to jailbreak iphone Vincent Danen (Jul 16)
- Re: CVE request and info: freetype flaw to jailbreak iphone Geoffrey Keating (Jul 17)