[SECURITY] [DSA 3839-1] freetype security update

ID DEBIAN:DSA-3839-1:995C3
Type debian
Reporter Debian
Modified 2017-04-28T19:25:14


Debian Security Advisory DSA-3839-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 28, 2017 https://www.debian.org/security/faq

Package : freetype CVE ID : CVE-2016-10244 CVE-2017-8105 CVE-2017-8287 Debian Bug : 856971 861220 861308

Several vulnerabilities were discovered in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code.

For the stable distribution (jessie), these problems have been fixed in version 2.5.2-3+deb8u2.

We recommend that you upgrade your freetype packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org