1 |
type: security |
2 |
subject: Updated freetype2 packages fix security vulnerability |
3 |
CVE: |
4 |
- CVE-2016-10328 |
5 |
src: |
6 |
5: |
7 |
core: |
8 |
- freetype2-2.5.4-2.2.mga5 |
9 |
tainted: |
10 |
- freetype2-2.5.4-2.2.mga5.tainted |
11 |
description: | |
12 |
It was discovered that a heap-based buffer overflow existed in the |
13 |
FreeType library. If a user were tricked into using a specially crafted |
14 |
font file, a remote attacker could cause FreeType to crash, resulting in a |
15 |
denial of service, or possibly execute arbitrary code (CVE-2016-10328). |
16 |
references: |
17 |
- https://bugs.mageia.org/show_bug.cgi?id=20720 |
18 |
- https://www.ubuntu.com/usn/usn-3263-1/ |