Advisories » MGASA-2018-0140

Updated freetype2 packages fix security vulnerability

Publication date: 24 Feb 2018
Modification date: 24 Feb 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-6942

Description

An issue was discovered in FreeType 2 through 2.9. A NULL pointer
dereference in the Ins_GETVARIATION() function within ttinterp.c could
lead to DoS via a crafted font file (CVE-2018-6942).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=22611
• https://usn.ubuntu.com/usn/usn-3572-1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6942

SRPMS

6/core

• freetype2-2.7.1-2.2.mga6

6/tainted

• freetype2-2.7.1-2.2.mga6.tainted