lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Jun 2006 14:11:00 -0400 From: "Justin M. Forbes" <jmforbes@...th.com> To: security-announce@...ts.rpath.com, update-announce@...ts.rpath.com Cc: lwn@....net, full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: rPSA-2006-0100-1 freetype rPath Security Advisory: 2006-0100-1 Published: 2006-06-12 Products: rPath Linux 1 Rating: Major Exposure Level Classification: User Non-deterministic Weakness Updated Versions: freetype=/conary.rpath.com@rpl:devel//1/2.1.10-2.2-1 References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0747 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1861 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2661 http://issues.rpath.com/browse/RPL-429 Description: Previous versions of the freetype library contain multiple integer overflow weaknesses which allow remote providers of font files (which may include fonts embedded in documents such as PDF files) to cause applications to crash, and may possibly also allow them to execute arbitrary code as the user accessing the files. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists