PCLinuxOS-Forums
News: Wishing everyone a Happy 2012
 
Home Help Search Login Register
*
Welcome, Guest. Please login or register. February 11, 2012, 01:22:03 AM


Login with username, password and session length


Main
PCLinuxOS-Forums > Software > Software Announcements > Security Update: freetype2-2.3.11-2
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Security Update: freetype2-2.3.11-2  (Read 393 times)
Texstar
Administrator
Super Villain
*****
Offline Offline

Posts: 11861
« on: August 15, 2010, 06:05:27 PM »
Summary
=======

Multiple vulnerabilities have been fixed in FreeType.


Description
===========

CVE-2010-1797:

Buffer  overflow errors   in   the   "cff_decoder_parse_charstrings()" 
[src/cff/cffgload.c] function when processing Compact Font Format (CFF)
opcodes allows remote attackers to crash an affected application linked
against a vulnerable library, or execute arbitrary code via a malicious
font. Stack overflow vulnerability was found allow remote attarckers to
execute arbitrary code.



CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-2808:

Memory corruption flaws were found in the way FreeType  font  rendering
engine processed certain Adobe Type 1 Mac Font File  (LWFN)  fonts.  An
attacker could use this flaw to create a  specially-crafted  font  file
that, when opened, would cause an application linked against libfreetype
to crash, or, possibly execute arbitrary code.


This package will part of your Synaptic Package Manager updates.
Logged
Follow the development of PCLinuxOS on Twitter
Help fund the PCLinuxOS project!

"I'm not so good on advice, can I interest you in a sarcastic reply?"
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines

Valid XHTML 1.0! Valid CSS! Dilber MC Theme by HarzeM