Jump to content
Sign in to follow this  

Advisories MDVSA-2010:149: freetype2

Recommended Posts

A vulnerability has been discovered and corrected in freetype2:


Multiple stack overflow flaws have been reported in the way FreeType

font rendering engine processed certain CFF opcodes. An attacker

could use these flaws to create a specially-crafted font file that,

when opened, would cause an application linked against libfreetype

to crash, or, possibly execute arbitrary code (CVE-2010-1797).


Packages for 2008.0 and 2009.0 are provided as of the Extended

Maintenance Program. Please visit this link to learn more:



The updated packages have been patched to correct this issue.

Share this post

Link to post
Share on other sites
This topic is now closed to further replies.
Sign in to follow this  

  • Create New...