Bugtraq mailing list archives
rPSA-2006-0100-1 freetype
From: "Justin M. Forbes" <jmforbes () rpath com>
Date: Mon, 12 Jun 2006 14:11:00 -0400
rPath Security Advisory: 2006-0100-1 Published: 2006-06-12 Products: rPath Linux 1 Rating: Major Exposure Level Classification: User Non-deterministic Weakness Updated Versions: freetype=/conary.rpath.com@rpl:devel//1/2.1.10-2.2-1 References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0747 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1861 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2661 http://issues.rpath.com/browse/RPL-429 Description: Previous versions of the freetype library contain multiple integer overflow weaknesses which allow remote providers of font files (which may include fonts embedded in documents such as PDF files) to cause applications to crash, and may possibly also allow them to execute arbitrary code as the user accessing the files.
Current thread:
- rPSA-2006-0100-1 freetype Justin M. Forbes (Jun 12)