Amazon Linux 1 Security Advisory: ALAS-2023-1764
Advisory Release Date: 2023-06-05 16:39 Pacific
Advisory Updated Date: 2023-06-08 23:39 Pacific
A segmentation fault was found in FreeType's FT_Request_Size() function in the ftobjs.c file. This flaw allows an attacker to access a memory location in a way that could cause an application to halt or crash, leading to a denial of service. (CVE-2022-27406)
Affected Packages:
freetype
Issue Correction:
Run yum update freetype to update your system.
i686:
freetype-devel-2.3.11-19.16.amzn1.i686
freetype-debuginfo-2.3.11-19.16.amzn1.i686
freetype-2.3.11-19.16.amzn1.i686
freetype-demos-2.3.11-19.16.amzn1.i686
src:
freetype-2.3.11-19.16.amzn1.src
x86_64:
freetype-2.3.11-19.16.amzn1.x86_64
freetype-devel-2.3.11-19.16.amzn1.x86_64
freetype-debuginfo-2.3.11-19.16.amzn1.x86_64
freetype-demos-2.3.11-19.16.amzn1.x86_64