Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and
earlier might allow remote attackers to execute arbitrary code via a
crafted TTF image with a negative n_points value, which leads to an
integer overflow and heap-based buffer overflow.
freetype-2.3.4-r2 is in the tree with the patch from upstream.
Arches please test and mark stable. Target keywords are:
freetype-2.3.4-r2.ebuild:KEYWORDS="alpha amd64 ~arm hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x86-fbsd"
Stable for HPPA.