Canonical Repairs FreeType Exploit for All Supported Ubuntu OSes

On January 14, Canonical published in a security notice details about FreeType vulnerabilities for its Ubuntu 12.10, Ubuntu 12.04 LTS, Ubuntu 11.10, Ubuntu 10.04 LTS, and Ubuntu 8.04 LTS operating systems.

According to Canonical, FreeType could have been made to crash or run programs as the user's login, if it opened a specially crafted file.

If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.

For a more detailed description of the security problems, you can visit Canonical's security notification.

Users can simply fix the security flaws by upgrading the operating systems to the latest libfreetype6 package, specific to each distribution.

A normal system update, executed with the Update Manager, will implement all the necessary changes. After a standard system update, users will need to restart the session.