freetype2: security update
This update of freetype2 fixes multiple security flaws that
could allow attackers to cause a denial of service or to
execute arbitrary code via specially crafted fonts
(CVE-2011-3256, CVE-2011-3439).
-
Submitted by
Adrian Schröter (adrianSuSE)
- Version 5548
Fixed bugs
bnc#730124
VUL-0: freetype2: buffer overflows
CVE#CVE-2011-3256
FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a dif
CVE#CVE-2011-3439
FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document.
