Scientific Linux Security Update : freetype on SL5.x, SL4.x, SL3.x i386/x86_64
Severity: Medium
Nessus Plugin ID: 60197
Synopsis
The remote Scientific Linux host is missing one or more security updates.

Description
An integer overflow flaw was found in the way the FreeType font engine processed TTF font files. If a user loaded a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or execute arbitrary code. While it is uncommon for a user to explicitly load a font file, there are several application file formats which contain embedded fonts that are parsed by FreeType. (CVE-2007-2754)

Solution
Update the affected packages.