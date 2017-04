-----BEGIN PGP SIGNED MESSAGE-----

Debian Security Advisory DSA-3839-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 28, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------



Package : freetype

CVE ID : CVE-2016-10244 CVE-2017-8105 CVE-2017-8287

Debian Bug : 856971 861220 861308



Several vulnerabilities were discovered in Freetype. Opening malformed

fonts may result in denial of service or the execution of arbitrary

code.



For the stable distribution (jessie), these problems have been fixed in

version 2.5.2-3+deb8u2.



We recommend that you upgrade your freetype packages.



Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/



Mailing list: debian-security-announce@lists.debian.org

