USN-466-1: freetype vulnerability
30 May 2007
Victor Stinner discovered that freetype did not correctly verify the
number of points in a TrueType font. If a user were tricked into using
a specially crafted font, a remote attacker could execute arbitrary code
with user privileges.
The problem can be corrected by updating your system to the following package versions:
- libfreetype6 - 2.2.1-5ubuntu1.1
- libfreetype6 - 2.2.1-5ubuntu0.2
- libfreetype6 - 2.1.10-1ubuntu2.4
After a standard system upgrade you need to restart your session or
reboot your computer to effect the necessary changes.