Users of MDVSA-2010 please be advised of a(n) freetype2 - Multiple vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
MDVSA-2010:137: MDVSA-2010:137 - freetype2 - Multiple Vulnerabilities
Mandriva Linux Security Advisory MDVSA
Problem Description:
Multiple vulnerabilities has been found and corrected in freetype2:
Multiple integer underflows/overflows and heap buffer overflows was
discovered and fixed (CVE-2010-2497, CVE-2010-2498, CVE-2010-2499,
CVE-2010-2500, CVE-2010-2519).
A heap buffer overflow was discovered in the bytecode support. The
bytecode support is NOT enabled per default in Mandriva due to previous
patent claims, but packages by PLF is affected (CVE-2010-2520).
Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.Read more at www.criticalwatch.com
See this Amp at http://bit.ly/c7AKKR
No comments:
Post a Comment