-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : freetype Version : 2.5.2-3+deb8u3 CVE ID : CVE-2015-9290
A buffer over-read in the t1-parser of freetype, a font engine, has been found and fixed by checking limits more sensible.
For Debian 8 "Jessie", this problem has been fixed in version 2.5.2-3+deb8u3. We recommend that you upgrade your freetype packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl1VwQFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEe6oQ//f2sVDT9dBPDn3YnrN4YJ4gqGn+OBY/+xB8U/gUNS8pFgyOgZrVk7nd7f p1H1SGfCbvcyIcR6z+/hUlf5KDWa1c4rdJ636XzMf4yxI+gfbFmRDBwicSAA6fdu 8wBniv1kC3ZY/L6xv/gSFw5KoJBjsrlU1oh+8rSHAe1G5E33QchONaaOLGWACot6 otvWcJBmIwTt4urp6mie+UyPUGBGj0K/yh7PnWALaJv0OWjz7jgT32Tu4J6uPd5F LYJZ5TTxzn+ebB83gWD30oWM35dpHl5I2c8TFMeambHIpKcN69XKvS4d0RrUlTjz oJM2re4Qw/AWo4ZMwtZD+5HHaNYainzzBqj3Gcl0fBYQkoRrd2YqDf3NkeHQEdUf z43WaKYAPqVGISPxHlvNb+WbnuOw60/0YKiWr3Emc6Sq8eavJpFL9gZ8eMVUPr3Y vwslq5wOX5jj439JzGlN5SsPFobTXBYMKlSHaOdXaUVV6rRIY7yiJXIgsFw+YlRF sJjgrXb8hTKf4euhR2Opz8mSiajZI/L5lQPXL6dPeaWagirXkdnAV2YjudM3DWQw 1nJCWb25Im/dG7zuzIfXeptVDR41eeDdF4oa0CAWiTIFo+DtSJhCR6keRAD/jQyQ HSvWaC1TawE2K5VJszejqnE3cCvB6h0J7AdQeVOhTymGRoZ/vwI= =XNGe -----END PGP SIGNATURE-----