Some vulnerabilities have been reported in FreeType, which can be
exploited by malicious people to potentially compromise an application
using the library.

An integer overflow error within the "cff_charset_compute_cids()"
function in cff/cffload.c can be exploited to potentially cause a
heap-based buffer overflow via a specially crafted font.

Multiple integer overflow errors within validation functions in
sfnt/ttcmap.c can be exploited to bypass length validations and
potentially cause buffer overflows via specially crafted fonts.

An integer overflow error within the "ft_smooth_render_generic()"
function in smooth/ftsmooth.c can be exploited to potentially cause a
heap-based buffer overflow via a specially crafted font.
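
The length-validation bypass described above comes down to a size computation that wraps in 32-bit arithmetic before it is compared against the table length. The following is an added example, not FreeType code: the table layout (16-byte header, 12-byte records, big-endian record count in the last four header bytes) and all function names are assumptions made for illustration. It shows a wrapping check beside an overflow-safe one.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define HDR_SIZE 16u /* assumed header size of the constructed layout */
#define REC_SIZE 12u /* assumed size of one record */

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Weak check: product and sum are 32-bit, so a huge count wraps to a
   small "needed" size and the comparison passes. */
static int validate_weak(uint32_t table_len, uint32_t num_records)
{
    uint32_t needed = HDR_SIZE + num_records * REC_SIZE; /* may wrap */
    return needed <= table_len;
}

/* Hardened check: divide instead of multiply; nothing can wrap. */
static int validate_safe(uint32_t table_len, uint32_t num_records)
{
    if (table_len < HDR_SIZE)
        return 0;
    return num_records <= (table_len - HDR_SIZE) / REC_SIZE;
}

/* Reads the record count from the last 4 header bytes (assumed position)
   and returns 0 if the safe check accepts it, -1 if it is rejected. */
static int parse_table(const uint8_t *buf, uint32_t len, uint32_t *count)
{
    if (len < HDR_SIZE)
        return -1;
    *count = be32(buf + 12);
    return validate_safe(len, *count) ? 0 : -1;
}

int main(void)
{
    /* Constructed sample: 64-byte table claiming 0x15555556 records. */
    uint8_t buf[64] = {0};
    uint32_t n = 0;
    buf[12] = 0x15; buf[13] = 0x55; buf[14] = 0x55; buf[15] = 0x56;
    int rc = parse_table(buf, sizeof buf, &n);
    printf("count=%#x weak=%d safe=%d parse=%d\n", (unsigned)n,
           validate_weak(sizeof buf, n), validate_safe(sizeof buf, n), rc);
    return 0;
}
```

The weak check accepts the constructed table because 16 + 0x15555556 * 12 wraps to 24, while the division-based check rejects it.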