To comment on the following update, log in, then open the issue: http://www.openoffice.org/issues/show_bug.cgi?id=101560 Issue #|101560 Summary|integer overflows in freetype Component|utilities Version|OOO310m11 Platform|All URL|http://lists.debian.org/debian-security-announce/2009/ |msg00095.html OS/Version|All Status|NEW Status whiteboard| Keywords| Resolution| Issue type|DEFECT Priority|P2 Subcomponent|code Assigned to|mh Reported by|rene
------- Additional comments from r...@openoffice.org Tue May 5 09:38:07 +0000 2009 ------- --- snip --- - -------------------------------------------------------------------------- Debian Security Advisory DSA-1784-1 secur...@debian.org http://www.debian.org/security/ Nico Golde April 30th, 2009 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : freetype Vulnerability : integer overflows Problem type : local (remote) Debian-specific: no CVE ID : CVE-2009-0946 Tavis Ormandy discovered several integer overflows in FreeType, a library to process and access font files, resulting in heap- or stack-based buffer overflows leading to application crashes or the execution of arbitrary code via a crafted font file. For the oldstable distribution (etch), this problem has been fixed in version 2.2.1-5+etch4. For the stable distribution (lenny), this problem has been fixed in version 2.3.7-2+lenny1. For the testing distribution (squeeze), this problem will be fixed soon. For the unstable distribution (sid), this problem has been fixed in version 2.3.9-4.1. --- snip --- --------------------------------------------------------------------- Please do not reply to this automatically generated notification from Issue Tracker. Please log onto the website and enter your comments. http://qa.openoffice.org/issue_handling/project_issues.html#notification --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@util.openoffice.org For additional commands, e-mail: issues-h...@util.openoffice.org --------------------------------------------------------------------- To unsubscribe, e-mail: allbugs-unsubscr...@openoffice.org For additional commands, e-mail: allbugs-h...@openoffice.org