漏洞类别:Ubuntu
漏洞等级: 
漏洞信息
It was discovered that FreeType did not correctly handle certain malformed font files.
漏洞危害
If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, resulting in a denial of service, or possibly execute arbitrary code.
解决方案
Refer to Ubuntu advisory USN-3282-1 for affected packages and patching details, or update with your package manager.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
USN-3282-1: 16.04 (Xenial) on src (libfreetype6)
USN-3282-1: 17.04 (zesty) on src (libfreetype6)
0day
文章评论