FreeType: Multiple vulnerabilities

FreeType: Multiple vulnerabilities Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. FreeType 2012-01-23 2012-01-23 332701 342121 345843 377143 387535 390623 remote 2.4.8 2.4.8

FreeType is a high-quality and portable font engine.

Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details.

A remote attacker could entice a user to open a specially crafted font, possibly resulting in the remote execution of arbitrary code with the privileges of the user running the application, or a Denial of Service.

There is no known workaround at this time.

All FreeType users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=media-libs/freetype-2.4.8"

CVE-2010-1797 CVE-2010-2497 CVE-2010-2498 CVE-2010-2499 CVE-2010-2500 CVE-2010-2519 CVE-2010-2520 CVE-2010-2527 CVE-2010-2541 CVE-2010-2805 CVE-2010-2806 CVE-2010-2807 CVE-2010-2808 CVE-2010-3053 CVE-2010-3054 CVE-2010-3311 CVE-2010-3814 CVE-2010-3855 CVE-2011-0226 CVE-2011-3256 CVE-2011-3439 underling ackle