Jump to content

Advisories MDVSA-2010:137: freetype2


paul
 Share

Recommended Posts

Multiple vulnerabilities has been found and corrected in freetype2:

 

Multiple integer underflows/overflows and heap buffer overflows was

discovered and fixed (CVE-2010-2497, CVE-2010-2498, CVE-2010-2499,

CVE-2010-2500, CVE-2010-2519).

 

A heap buffer overflow was discovered in the bytecode support. The

bytecode support is NOT enabled per default in Mandriva due to previous

patent claims, but packages by PLF is affected (CVE-2010-2520).

 

Packages for 2008.0 and 2009.0 are provided as of the Extended

Maintenance Program. Please visit this link to learn more:

http://store.mandriva.com/product_info.php?cPath=149&products_id=490

 

The updated packages have been patched to correct these issues.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...