News

=========================================================== Ubuntu Security Notice USN-291-1 June 08, 2006 freetype vulnerabilities CVE-2006-0747, CVE-2006-1861, CVE-2006-2493, CVE-2006-2661 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: libfreetype6 2.1.7-2.3ubuntu0.1 Ubuntu 5.10: libfreetype6 2.1.7-2.4ubuntu1.1 Ubuntu 6.06 LTS: libfreetype6 2.1.10-1ubuntu2.1 After a standard system upgrade you need to reboot your computer to effect the necessary changes. Details follow: Several integer overflows have been discovered in the FreeType library. By tricking a user into installing and/or opening a specially crafted font file, these could be exploited to execute arbitrary code with the privileges of that user.