Marc Schoenefeld discovered an improper input sanitization in Pango, a library for layout and rendering of text, leading to array indexing error. If a local user was tricked into loading a specially-crafted font file in an application, using the Pango font rendering library, it could lead to denial of service (application crash). For the stable distribution (lenny), this problem has been fixed in version 1.20.5-5+lenny1. For the testing distribution (squeeze), and the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your pango1.0 package.
Marc Schoenefeld discovered an improper input sanitization in Pango, a library for layout and rendering of text, leading to array indexing error. If a local user was tricked into loading a specially-crafted font file in an application, using the Pango font rendering library, it could lead to denial of service (application crash).
For the stable distribution (lenny), this problem has been fixed in version 1.20.5-5+lenny1.
For the testing distribution (squeeze), and the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your pango1.0 package.
MD5 checksums of the listed files are available in the original advisory.