Saturday, November 13, 2010

FreeType: Important Security Update

Users of FreeType: please be advised that an Important security update has been identified.

To view this vulnerability, possible remedies, and other advisories, please check the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx).

Amplify’d from www.criticalwatch.com
RHSA-2010:0864-02: [RHSA-2010:0864-02] Important: freetype security update
Product: Red Hat Enterprise Linux
Description:

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. These packages provide the FreeType 2 font engine.

It was found that the FreeType font rendering engine improperly validated certain position values when processing input streams. If a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2010-2805, CVE-2010-3311)
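
The flaw class the advisory describes, position values taken from a font file and used without validation, is avoided by checking every seek and read against the stream size. The C code below is an added example, not FreeType's code or Red Hat's patch; `in_stream`, `stream_seek`, `stream_read`, `read_table` and `demo_case` are hypothetical names, and the 16-byte buffer is constructed sample input.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical in-memory stream (not FreeType's own stream type). */
typedef struct {
    const uint8_t *base;  /* start of the untrusted font data */
    size_t size;          /* total bytes available */
    size_t pos;           /* current position; invariant: pos <= size */
} in_stream;

/* Move to an absolute offset read from the file. Returns 0 on success. */
int stream_seek(in_stream *s, size_t offset)
{
    if (offset > s->size) return -1;   /* reject positions past the end */
    s->pos = offset;
    return 0;
}

/* Copy count bytes from the current position. Returns 0 on success. */
int stream_read(in_stream *s, void *dst, size_t count)
{
    /* Subtraction form: a huge count cannot wrap around as pos + count could. */
    if (count > s->size - s->pos) return -1;
    memcpy(dst, s->base + s->pos, count);
    s->pos += count;
    return 0;
}

/* Read a big-endian 32-bit offset field, jump to it, then read n bytes. */
int read_table(in_stream *s, void *dst, size_t n)
{
    uint8_t raw[4];
    if (stream_read(s, raw, sizeof raw) != 0) return -1;
    uint32_t off = ((uint32_t)raw[0] << 24) | ((uint32_t)raw[1] << 16) |
                   ((uint32_t)raw[2] << 8) | raw[3];
    if (stream_seek(s, off) != 0) return -1;
    return stream_read(s, dst, n);
}

/* Constructed sample: 16-byte buffer whose first 4 bytes hold the offset. */
int demo_case(uint32_t off, size_t n)
{
    uint8_t buf[16] = { (uint8_t)(off >> 24), (uint8_t)(off >> 16),
                        (uint8_t)(off >> 8), (uint8_t)off };
    uint8_t out[16];
    in_stream s = { buf, sizeof buf, 0 };
    return read_table(&s, out, n);
}
```

`demo_case(8, 4)` succeeds, while an offset past the end (`0xFFFFFFF0`) or a length that runs off the buffer is rejected before any memory is touched.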