From 7752c68c50e651d76615de84db1e34f7ee1329b3 Mon Sep 17 00:00:00 2001
From: Werner Lemberg <wl@gnu.org>
Date: Wed, 26 Apr 2017 09:16:45 +0200
Subject: [PATCH] Document CVE-2017-8105.

---
 docs/CHANGES | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/docs/CHANGES b/docs/CHANGES
index c3c140232..8ad5dfae0 100644
--- a/docs/CHANGES
+++ b/docs/CHANGES
@@ -29,6 +29,11 @@ CHANGES BETWEEN 2.7.1 and 2.8
       now scales  the font linearly  again (bug introduced  in version
       2.4.6).
 
+    - CVE-2017-8105: Older FreeType versions has an out-of-bounds write
+      caused by a heap-based buffer overflow related to the Type 1 fonts.
+
+        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
+
 
   III. MISCELLANEOUS