Robert Swiecki reported an integer overflow flaw in freetype with how it handles glyphs. This could cause applications linked against freetype to crash or, possibly, lead to the execution of arbitrary code if an attacker were able to get a victim to load a malicious font file.
The affected code is not present in Red Hat Enterprise Linux 5 (freetype 2.2.1).
This issue has been given the name CVE-2010-2497.
Upstream bug reports:
Upstream commit that fixes the issue:
Not vulnerable. This issue did not affect the versions of freetype as shipped with Red Hat Enterprise Linux 3, 4, or 5.
Created freetype tracking bugs for this issue
Affects: fedora-all [bug 613299]
Upstream has released 2.4.0 to correct this issue: