<media-libs/freetype-2.4.7 has vulnerabilities in handling Type 1 fonts: CHANGES BETWEEN 2.4.6 and 2.4.7 I. IMPORTANT BUG FIXES - Some vulnerabilities in handling Type 1 fonts have been fixed; see CVE-2011-3256.
New version is in tree. Arch teams, please, stabilize.
from various sources, I see all related to apple iOS, are you sure that also linux is affected?
I'm not sure, but I see no iOS mentioning in the official ChangeLog and thus I think it's better to be on the safe side.
There: Arch teams, please test and mark stable: =media-libs/freetype-2.4.7 Target KEYWORDS="alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
(In reply to comment #2) > from various sources, I see all related to apple iOS, are you sure that also > linux is affected? Confirmed by upstream. amd64 ok
Stable for HPPA.
amd64 ok
+ 20 Oct 2011; Tony Vroon <chainsaw@gentoo.org> freetype-2.4.7.ebuild: + Marked stable on AMD64 based on arch testing by Agostino "Ago" Sarubbo & Ian + "idella4" Delaney in security bug #387535.
x86 stable
alpha/arm/ia64/m68k/s390/sh/sparc stable
ppc/ppc64 stable, last arch done
Thanks, everyone. Added to existing GLSA request.
This issue was resolved and addressed in GLSA 201201-09 at http://security.gentoo.org/glsa/glsa-201201-09.xml by GLSA coordinator Sean Amoss (ackle).