FreeType: User-assisted execution of arbitrary code — GLSA 200705-02

A vulnerability has been discovered in FreeType allowing for user-assisted remote execution of arbitrary code.

Affected Packages

media-libs/freetype on all architectures
Affected versions < 2.1.10-r3
Unaffected versions >= 2.1.10-r3, < 2.0

Background

FreeType is a True Type Font rendering library.

Description

Greg MacManus of iDefense Labs has discovered an integer overflow in the function bdfReadCharacters() when parsing BDF fonts.

Impact

A remote attacker could entice a user to use a specially crafted BDF font, possibly resulting in a heap-based buffer overflow and the remote execution of arbitrary code.

Workaround

There is no known workaround at this time.

Resolution

All FreeType users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=media-libs/freetype-2.1.10-r3"

References

Release Date
May 01, 2007

Latest Revision
May 27, 2007: 02

Severity
normal

Exploitable
remote

Bugzilla entries