Security
Security
A buffer overflow in t1utils could result in execution of arbitrary code or Denial of Service.
| Package | app-text/t1utils on all architectures |
|---|---|
| Affected versions | < 1.39 |
| Unaffected versions | >= 1.39 |
t1utils is a collection of simple Type 1 font manipulation programs.
t1utils has a buffer overflow in the set_cs_start function in t1disasm.c.
A remote attacker could cause a denial of service and possibly execute arbitrary code via a crafted font file.
There is no known workaround at this time.
All t1utils users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/t1utils-1.39"
Release date
July 10, 2015
Latest revision
July 10, 2015: 1
Severity
normal
Exploitable
remote
Bugzilla entries