Advisories ยป MGASA-2014-0526

Updated freetype2 packages fix security vulnerability

Publication date: 13 Dec 2014
Type: security
Affected Mageia releases : 4

Description

Updated freetype2 packages fix security vulnerability:

It was reported that Freetype before 2.5.4 suffers from an out-of-bounds
stack-based read/write flaw in cf2_hintmap_build() in the CFF rasterizing
code, which could lead to a buffer overflow.  This is due to an incomplete
fix for CVE-2014-2240.
                

References

SRPMS

4/core

4/tainted