Gentoo Security Advisory GLSA 201201-09 (FreeType) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 201201-09.

Solution

All FreeType users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/freetype-2.4.8' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201201-09 http://bugs.gentoo.org/show_bug.cgi?id=332701 http://bugs.gentoo.org/show_bug.cgi?id=342121 http://bugs.gentoo.org/show_bug.cgi?id=345843 http://bugs.gentoo.org/show_bug.cgi?id=377143 http://bugs.gentoo.org/show_bug.cgi?id=387535 http://bugs.gentoo.org/show_bug.cgi?id=390623

Insight

Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service.

Severity

Classification

Related Vulnerabilities

Gentoo Security Advisory GLSA 200405-22 (Apache)
Gentoo Security Advisory GLSA 200311-08 (Libnids)
Gentoo Security Advisory GLSA 200405-14 (subversion)
Gentoo Security Advisory GLSA 200312-04 (CVS)
Gentoo Security Advisory GLSA 200406-20 (Openswan)

Take action and discover your vulnerabilities