advisories/20720.adv

type: security
subject: Updated freetype2 packages fix security vulnerability
CVE:
 - CVE-2016-10328
src:
  5:
   core:
     - freetype2-2.5.4-2.2.mga5
   tainted:
     - freetype2-2.5.4-2.2.mga5.tainted
description: |
  It was discovered that a heap-based buffer overflow existed in the
  FreeType library. If a user were tricked into using a specially crafted
  font file, a remote attacker could cause FreeType to crash, resulting in a
  denial of service, or possibly execute arbitrary code (CVE-2016-10328).
references:
 - https://bugs.mageia.org/show_bug.cgi?id=20720
 - https://www.ubuntu.com/usn/usn-3263-1/
1	type: security
2	subject: Updated freetype2 packages fix security vulnerability
3	CVE:
4	- CVE-2016-10328
5	src:
6	5:
7	core:
8	- freetype2-2.5.4-2.2.mga5
9	tainted:
10	- freetype2-2.5.4-2.2.mga5.tainted
11	description: \|
12	It was discovered that a heap-based buffer overflow existed in the
13	FreeType library. If a user were tricked into using a specially crafted
14	font file, a remote attacker could cause FreeType to crash, resulting in a
15	denial of service, or possibly execute arbitrary code (CVE-2016-10328).
16	references:
17	- https://bugs.mageia.org/show_bug.cgi?id=20720
18	- https://www.ubuntu.com/usn/usn-3263-1/