Users of Freetype2 please be advised of multiple buffer underflow and overflow vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
MDVSA-2010:137: freetype2
Multiple integer underflows/overflows and heap buffer overflows was
discovered and fixed (CVE-2010-2497, CVE-2010-2498, CVE-2010-2499,
CVE-2010-2500, CVE-2010-2519).
A heap buffer overflow was discovered in the bytecode support. The
bytecode support is NOT enabled per default in Mandriva due to previous
patent claims, but packages by PLF is affected (CVE-2010-2520).
Read more at www.criticalwatch.com
See this Amp at http://bit.ly/drPilF
No comments:
Post a Comment