diff -u freetype-2.8/debian/changelog freetype-2.8/debian/changelog
--- freetype-2.8/debian/changelog
+++ freetype-2.8/debian/changelog
@@ -1,3 +1,12 @@
+freetype (2.8-0.2ubuntu2.1) artful-security; urgency=medium
+
+ * SECURITY UPDATE: NULL dereference pointer
+ - debian/patches-freetype/CVE-2018-6942.patch: re sets args array to zero
+ if not coords in src/truetype/ttinterp.c.
+ - CVE-2018-6942
+
+ -- Leonidas S. Barbosa Wed, 14 Feb 2018 12:33:52 -0300
+
 freetype (2.8-0.2ubuntu2) artful; urgency=medium
 
 * debian/rules: post-process ftconfig.h to avoid arch-dependent
diff -u freetype-2.8/debian/patches-freetype/series freetype-2.8/debian/patches-freetype/series
--- freetype-2.8/debian/patches-freetype/series
+++ freetype-2.8/debian/patches-freetype/series
@@ -7,0 +8 @@
+CVE-2018-6942.patch
only in patch2:
unchanged:
--- freetype-2.8.orig/debian/patches-freetype/CVE-2018-6942.patch
+++ freetype-2.8/debian/patches-freetype/CVE-2018-6942.patch
@@ -0,0 +1,54 @@
+From 29c759284e305ec428703c9a5831d0b1fc3497ef Mon Sep 17 00:00:00 2001
+From: Werner Lemberg
+Date: Sat, 27 Jan 2018 14:43:43 +0100
+Subject: * src/truetype/ttinterp.c (Ins_GETVARIATION): Avoid NULL reference.
+
+Reported as
+
+ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736
+---
+ ChangeLog | 8 ++++++++
+ src/truetype/ttinterp.c | 12 ++++++++++--
+ 2 files changed, 18 insertions(+), 2 deletions(-)
+
+#diff --git a/ChangeLog b/ChangeLog
+#index 15ef4ae..fff4a41 100644
+#--- a/ChangeLog
+#+++ b/ChangeLog
+#@@ -1,5 +1,13 @@
+# 2018-01-27 Werner Lemberg
+#
+#+ * src/truetype/ttinterp.c (Ins_GETVARIATION): Avoid NULL reference.
+#+
+#+ Reported as
+#+
+#+ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736
+#+
+#+2018-01-27 Werner Lemberg
+#+
+# * src/truetype/ttgxvar.c (tt_set_mm_blend): Minor.
+#
+ 2018-01-27 Werner Lemberg
+Index: freetype-2.8/src/truetype/ttinterp.c
+===================================================================
+--- freetype-2.8.orig/src/truetype/ttinterp.c
++++ freetype-2.8/src/truetype/ttinterp.c
+@@ -7470,8 +7470,16 @@
+ return;
+ }
+
+- for ( i = 0; i < num_axes; i++ )
+- args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
++ if ( coords )
++ {
++ for ( i = 0; i < num_axes; i++ )
++ args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
++ }
++ else
++ {
++ for ( i = 0; i < num_axes; i++ )
++ args[i] = 0;
++ }
+ }
+
+
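Review bot: The `else` branch added in the ttinterp.c hunk zero-fills `args` without a comment saying why zero is the right value when `coords` is NULL; presumably a NULL array means no variation coordinates were ever set, so the default instance is reported. A one-line comment above that loop, such as `/* no coordinates set: report the default instance (all axes 0) */`, would record this, and is best raised upstream so the backport stays identical to commit 29c759284e30. Separately, in the `#`-disabled ChangeLog hunk the last context line ` 2018-01-27 Werner Lemberg` appears to have lost its `#` prefix; patch(1) will most likely skip it as text between hunks, but prefixing it keeps the disabled hunk consistent. The enclosing function (Ins_GETVARIATION, per the Subject line) starts above the hunk, so the earlier `return` path and the bound on `num_axes` are not visible here.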