Advisories ยป MGASA-2017-0085

Updated freetype2 packages fix security vulnerability

Publication date: 25 Mar 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-10244

Description

The parse_charstrings function in type1/t1load.c in FreeType 2 did not
ensure that a font contains a glyph name, which could allow remote
attackers to cause a denial of service (heap-based buffer over-read) or
possibly have unspecified other impact via a crafted file
(CVE-2016-10244).
                

References

SRPMS

5/tainted

5/core