commit 2a1b4bb97a66fc89f9d92dabde39af2d8eea079a
Author: Miklos Vajna <>
Date:   Tue May 31 00:16:19 2011 +0200


diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml
index fa62d28..fbcac3f 100644
--- a/frugalware/xml/security.xml
+++ b/frugalware/xml/security.xml
@@ -26,6 +26,20 @@

+               <id>724</id>
+               <date>2011-05-31</date>
+               <author>Miklos Vajna</author>
+               <package>freetype2</package>
+               <vulnerable>2.4.2-1</vulnerable>
+               <unaffected>2.4.2-2nexon1</unaffected>
+               <bts></bts>
+               <cve>
+              </cve>
+               <desc>Some vulnerabilities have been reported in FreeType, 
which can be exploited to cause a DoS (Denial of Service) or potentially 
compromise an application using the library.
+                       1) An error exists in the "ft_var_readpackedpoints()" 
function in src/truetype/ttgxvar.c when processing TrueType GX fonts and can be 
exploited to cause a heap-based buffer overflow via a specially crafted font.
+                       2) An error within the "Ins_SHZ()" function in 
src/truetype/ttinterp.c when handling the "SHZ" bytecode instruction can be 
exploited to cause a crash and potentially execute arbitrary code via a 
specially crafted font.</desc>
+       </fsa>
+       <fsa>
<author>Miklos Vajna</author>
Frugalware-git mailing list

Reply via email to