Steve Langasek wrote:
> Looks like it's time for another try at freetype. CVE-2006-3467 appears to
> be a potentially exploitable integer overflow in freetype's PCF parser.
> I've uploaded freetype_2.1.7-6 to
> <http://people.debian.org/~vorlon/freetype-DSA/>, replacing the previous
> version there; signed sources, unsigned changes.
Thanks, this was already on my list. I've lost track of the status of the
regression that did bite several users. Do I need to dig out the patch or
was it fixed in r2?
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
