For anyone that is curious:
---------------- Begin Forwarded Message ---------------- APPLE-SA-2009-05-12 Security Update 2009-002 / Mac OS X v10.5.7 Security Update 2009-002 / Mac OS X v10.5.7 is now available and addresses the following: <snip> X11 CVE-ID: CVE-2006-0747, CVE-2007-2754 Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11 Impact: Multiple vulnerabilities in FreeType v2.1.4 Description: Multiple vulnerabilities exist in FreeType v2.1.4, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. This update addresses the issues by updating FreeType to version 2.3.8. Further information is available via the FreeType site at http://www.freetype.org/ The issues are already addressed in systems running Mac OS X v10.5.6. X11 CVE-ID: CVE-2009-0946 Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6 Impact: Multiple vulnerabilities in FreeType v2.3.8 Description: Multiple integer overflows exist in FreeType v2.3.8, which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issues through improved bounds checking. Credit to Tavis Ormandy of the Google Security Team for reporting these issues. <snip> ----------------- End Forwarded Message ----------------- _______________________________________________ Freetype-devel mailing list Freetype-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/freetype-devel
