[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1887-1] freetype security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : freetype
Version        : 2.5.2-3+deb8u3
CVE ID         : CVE-2015-9290


A buffer over-read in the t1-parser of freetype, a font engine, has been found and fixed by checking limits more sensible.


For Debian 8 "Jessie", this problem has been fixed in version
2.5.2-3+deb8u3.

We recommend that you upgrade your freetype packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl1VwQFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEe6oQ//f2sVDT9dBPDn3YnrN4YJ4gqGn+OBY/+xB8U/gUNS8pFgyOgZrVk7nd7f
p1H1SGfCbvcyIcR6z+/hUlf5KDWa1c4rdJ636XzMf4yxI+gfbFmRDBwicSAA6fdu
8wBniv1kC3ZY/L6xv/gSFw5KoJBjsrlU1oh+8rSHAe1G5E33QchONaaOLGWACot6
otvWcJBmIwTt4urp6mie+UyPUGBGj0K/yh7PnWALaJv0OWjz7jgT32Tu4J6uPd5F
LYJZ5TTxzn+ebB83gWD30oWM35dpHl5I2c8TFMeambHIpKcN69XKvS4d0RrUlTjz
oJM2re4Qw/AWo4ZMwtZD+5HHaNYainzzBqj3Gcl0fBYQkoRrd2YqDf3NkeHQEdUf
z43WaKYAPqVGISPxHlvNb+WbnuOw60/0YKiWr3Emc6Sq8eavJpFL9gZ8eMVUPr3Y
vwslq5wOX5jj439JzGlN5SsPFobTXBYMKlSHaOdXaUVV6rRIY7yiJXIgsFw+YlRF
sJjgrXb8hTKf4euhR2Opz8mSiajZI/L5lQPXL6dPeaWagirXkdnAV2YjudM3DWQw
1nJCWb25Im/dG7zuzIfXeptVDR41eeDdF4oa0CAWiTIFo+DtSJhCR6keRAD/jQyQ
HSvWaC1TawE2K5VJszejqnE3cCvB6h0J7AdQeVOhTymGRoZ/vwI=
=XNGe
-----END PGP SIGNATURE-----


Reply to: