GLSA-201507-10 : t1utils: Arbitrary code execution
High Nessus Plugin ID 86081
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201507-10 (t1utils: Arbitrary code execution)
t1utils has a buffer overflow in the set_cs_start function in t1disasm.c.
A remote attacker could cause a denial of service and possibly execute arbitrary code via a crafted font file.
There is no known workaround at this time.
SolutionAll t1utils users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=app-text/t1utils-1.39'