Re: [SECURITY] [DSA 1302-1] New freetype packages fix integer overflow

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1302-1] New freetype packages fix integer overflow
From: Dominic Hargreaves <dom@earth.li>
Date: Mon, 11 Jun 2007 10:18:19 +0100
Message-id: <[🔎] 20070611091819.GP14632@urchin.earth.li>
In-reply-to: <20070610134840.GA19581@steve.org.uk>
References: <20070610134840.GA19581@steve.org.uk>

On Sun, Jun 10, 2007 at 02:48:40PM +0100, Steve Kemp wrote:

> A problem was discovered with freetype, a FreeTyp2 font engine, which
> could allow the execution of arbitary code via an integer overflow in
> specially crafted TTF files.
> 
> For the stable distribution (etch), this problem has been fixed in 
> version 2.2.1-5+etch1.
> 
> For the unstable distribution (sid), this problem has been fixed in
> version 2.2.1-6.

What is the status of the sarge packages?

Cheers,

Dominic.

-- 
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)


-- 
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Prev by Date: unsuscribe
Next by Date: Re: Time to replace MD5?
Previous by thread: unsuscribe
Next by thread: Latest OOo Etch update -7etch1 depends on different libneon
Index(es):
- Date
- Thread