<media-libs/freetype-2.4.7 has vulnerabilities in handling Type 1 fonts:
CHANGES BETWEEN 2.4.6 and 2.4.7
I. IMPORTANT BUG FIXES
- Some vulnerabilities in handling Type 1 fonts have been fixed;
New version is in tree. Arch teams, please, stabilize.
from various sources, I see all related to apple iOS, are you sure that also linux is affected?
I'm not sure, but I see no iOS mentioning in the official ChangeLog and thus I think it's better to be on the safe side.
Arch teams, please test and mark stable:
Target KEYWORDS="alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
(In reply to comment #2)
> from various sources, I see all related to apple iOS, are you sure that also
> linux is affected?
Confirmed by upstream.
Stable for HPPA.
+ 20 Oct 2011; Tony Vroon <firstname.lastname@example.org> freetype-2.4.7.ebuild:
+ Marked stable on AMD64 based on arch testing by Agostino "Ago" Sarubbo & Ian
+ "idella4" Delaney in security bug #387535.
ppc/ppc64 stable, last arch done
Thanks, everyone. Added to existing GLSA request.
This issue was resolved and addressed in
GLSA 201201-09 at http://security.gentoo.org/glsa/glsa-201201-09.xml
by GLSA coordinator Sean Amoss (ackle).