Package: libfreetype6
Version: 2.2.1-5
Severity: grave
Tags: security patch
Justification: user security hole

A vulnerability has been found in freetype.

CVE-2007-2754: "Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow."

A patch is at [1]. Please mention the CVE id in the changelog.

[1] http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype&r1=1.177&r2=1.178
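The bug class named in the CVE text (a signed count read from a font file and checked only against an upper bound), shown as an added illustration that is not part of the original report and is neither FreeType's code nor the referenced patch. `point_t`, `count_ok_weak`, `count_ok`, `alloc_points` and the 2-byte sample field are hypothetical and constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

typedef struct { int32_t x, y; } point_t;   /* hypothetical record, not a FreeType type */

/* Decode a big-endian signed 16-bit field without relying on
   implementation-defined narrowing conversions. */
static int read_i16_be(const uint8_t *p)
{
    unsigned u = ((unsigned)p[0] << 8) | p[1];
    return u >= 0x8000u ? (int)u - 0x10000 : (int)u;
}

/* Weak check: upper bound only. A negative count passes, and a later
   conversion to size_t turns it into a huge unsigned value. */
static int count_ok_weak(int n_points, int max_points)
{
    return n_points <= max_points;
}

/* Hardened check: reject negative counts before any size arithmetic. */
static int count_ok(int n_points, int max_points)
{
    return n_points >= 0 && n_points <= max_points;
}

/* Allocate records for a count taken from an untrusted 2-byte field.
   Returns NULL when the count is rejected or allocation fails. */
static point_t *alloc_points(const uint8_t *field, int max_points, int *n_out)
{
    int n = read_i16_be(field);
    if (!count_ok(n, max_points))
        return NULL;
    /* n is in [0, max_points]; +1 avoids a zero-sized allocation. */
    point_t *pts = calloc((size_t)n + 1, sizeof *pts);
    if (pts) *n_out = n;
    return pts;
}

int main(void)
{
    const uint8_t crafted[2] = { 0xFF, 0xFF };   /* constructed sample: decodes to -1 */
    int n = 0;
    printf("decoded count: %d\n", read_i16_be(crafted));
    printf("weak check accepts: %d\n", count_ok_weak(read_i16_be(crafted), 100));
    printf("hardened path rejects: %d\n", alloc_points(crafted, 100, &n) == NULL);
    return 0;
}
```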

