FreeType: Multiple vulnerabilities Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service. FreeType 2012-04-17 2012-04-17 407257 remote 2.4.9 2.4.9

FreeType is a high-quality and portable font engine.

Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details.

A remote attacker could entice a user to open a specially crafted font, possibly resulting in execution of arbitrary code with the privileges of the user running the application, or a Denial of Service condition.

There is no known workaround at this time.

All FreeType users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/freetype-2.4.9" CVE-2012-1126 CVE-2012-1127 CVE-2012-1128 CVE-2012-1129 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1133 CVE-2012-1134 CVE-2012-1135 CVE-2012-1136 CVE-2012-1137 CVE-2012-1138 CVE-2012-1139 CVE-2012-1140 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 CVE-2012-1144 ackle ackle