Mandriva Security Advisory MDVSA-2009:243-2 (freetype2)

Summary
The remote host is missing an update to freetype2 announced via advisory MDVSA-2009:243-2.
Solution
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:243-2
Insight
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c. This update corrects the problem. Update: Packages for 2008.0 are being provided due to extended support for Corporate products. Affected: 2008.0