DSA-1784-1 freetype -- integer overflowsID: oval:org.secpod.oval:def:600512 | Date: (C)2011-05-13 (M)2024-02-19 |
Class: PATCH | Family: unix |
Tavis Ormandy discovered several integer overflows in FreeType, a library to process and access font files, resulting in heap- or stack-based buffer overflows leading to application crashes or the execution of arbitrary code via a crafted font file. For the oldstable distribution , this problem has been fixed in version 2.2.1-5+etch4. For the stable distribution , this problem has been fixed in version 2.3.7-2+lenny1. For the testing distribution , this problem will be fixed soon. For the unstable distribution , this problem has been fixed in version 2.3.9-4.1. We recommend that you upgrade your freetype packages.
Platform: |
Debian 5.0 |
Debian 4.0 |