Package : t1utils Version : 1.36-1+deb6u1 CVE ID : CVE-2015-3905 Debian Bug : 779274 Jakub Wilk found a vulnerability in the Type 1 font manipulation programs, t1utils: CVE-2015-3905 Buffer overflow in the set_cs_start function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. For Debian 6 "Squeeze", this issue has been fixed in t1utils version 1.36-1+deb6u1.
Attachment:
signature.asc
Description: Digital signature