On Tue, Mar 06, 2012 at 10:12:35PM +0100, Yves-Alexis Perez wrote:
> Source: freetype
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Hi,
>
> several vulnerabilities were found in freetype and were fixed in 2.4.9.
>
> A summary can be found in the oss-sec thread starting at
> http://www.openwall.com/lists/oss-security/2012/03/06/13 and followups.
>
> Could you prepare an update for the various affected suites?
Only CVE-2012-1133, CVE-2012-1136, CVE-2012-1134, CVE-2012-1142 and
CVE-2012-1144 can be used for code injection. The rest can be fixed
along (or later in some point update) or left unfixed in stable.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
