[ MDVSA-2015:089 ] freetype2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:089
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : freetype2
 Date    : March 28, 2015
 Affected: Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated freetype2 packages fix security vulnerabilities:
 
 It was reported that Freetype before 2.5.3 suffers from an
 out-of-bounds stack-based read/write flaw in cf2_hintmap_build()
 in the CFF rasterizing code, which could lead to a buffer overflow
 (CVE-2014-2240).
 
 It was also reported that Freetype before 2.5.3 has a denial-of-service
 vulnerability in the CFF rasterizing code, due to a reachable assertion
 (CVE-2014-2241).
 
 It was reported that Freetype before 2.5.4 suffers from an
 out-of-bounds stack-based read/wr

007 Software

[ MDVSA-2015:089 ] freetype2

Leave a Reply Cancel reply

Software and Security Information