Greg MacManus discovered an integer overflow in the font handling of
libfreetype, a FreeType 2 font engine, which might lead to denial of
service or possibly the execution of arbitrary code if a user is tricked
into opening a malformed font.

For the old stable distribution (sarge) this problem will be fixed
soon.

For the stable distribution (etch), this problem has been fixed in
version 2.2.1-5+etch2.

For the unstable distribution (sid), this problem has been fixed in
version 2.3.5-1.

We recommend that you upgrade your freetype packages.

| CPE | Name | Operator | Version |
|---|---|---|---|
| | freetype | eq | 2.2.1-5 |
| | freetype | eq | 2.2.1-5+etch1 |