Mandriva Linux Security Advisory : freetype2 (MDVSA-2011:157)
Medium Nessus Plugin ID 56598
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been discovered and corrected in freetype2 :
FreeType allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font (CVE-2011-3256).
A regression was found in freetype2 in Mandriva Enterprise Server 5 that caused ugly font rendering with firefox (#63892).
Additionally, improvements conserning the LZW handling (as noted in the freetype-2.4.7 version) was added.
The updated packages have been patched to correct these issues.
SolutionUpdate the affected packages.