Robert Swiecki discovered several vulnerabilities in the FreeType font
library, which could lead to the execution of arbitrary code if a
malformed font file is processed.
Also, several buffer overflows were found in the included demo programs.
For the stable distribution (lenny), these problems have been fixed in
version 2.3.7-2+lenny2.
For the unstable distribution (sid), these problems have been fixed in
version 2.4.0-1.
We recommend that you upgrade your freetype packages.
CPE | Name | Operator | Version |
---|---|---|---|
freetype | eq | 2.3.7-2 | |
freetype | eq | 2.3.7-2+lenny1 |