Subject: | |
From: | |
Reply To: | |
Date: | Wed, 25 Jun 2008 14:48:59 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
[Updated 25th June 2008]
The original packages for Scientific Linux 3 and 4 distributed with
this errata had a bug which prevented freetype library from loading certain
font files correctly. We have updated the packages to correct this bug.
SL 3.0.x
SRPMS:
freetype-2.1.4-10.el3.src.rpm
i386:
freetype-2.1.4-10.el3.i386.rpm
freetype-demos-2.1.4-10.el3.i386.rpm
freetype-devel-2.1.4-10.el3.i386.rpm
freetype-utils-2.1.4-10.el3.i386.rpm
x86_64:
freetype-2.1.4-10.el3.i386.rpm
freetype-2.1.4-10.el3.x86_64.rpm
freetype-demos-2.1.4-10.el3.x86_64.rpm
freetype-devel-2.1.4-10.el3.x86_64.rpm
freetype-utils-2.1.4-10.el3.x86_64.rpm
SL 4.x
SRPMS:
freetype-2.1.9-8.el4.6.src.rpm
i386:
freetype-2.1.9-8.el4.6.i386.rpm
freetype-demos-2.1.9-8.el4.6.i386.rpm
freetype-devel-2.1.9-8.el4.6.i386.rpm
freetype-utils-2.1.9-8.el4.6.i386.rpm
x86_64:
freetype-2.1.9-8.el4.6.i386.rpm
freetype-2.1.9-8.el4.6.x86_64.rpm
freetype-demos-2.1.9-8.el4.6.x86_64.rpm
freetype-devel-2.1.9-8.el4.6.x86_64.rpm
freetype-utils-2.1.9-8.el4.6.x86_64.rpm
Troy
Troy Dawson wrote:
> Synopsis: Important: freetype security update
> Issue date: 2008-06-20
> CVE Names: CVE-2008-1806 CVE-2008-1807 CVE-2008-1808
>
> Multiple flaws were discovered in FreeType's Printer Font Binary (PFB) and
> TrueType Font (TTF) font-file format parsers. If a user loaded a carefully
> crafted font-file with a program linked against FreeType, it could cause
> the application to crash, or possibly execute arbitrary code.
> (CVE-2008-1806, CVE-2008-1807, CVE-2008-1808)
>
> Note: the flaw in FreeType's TrueType Font (TTF) font-file format parser,
> covered by CVE-2008-1808, did not affect the freetype packages as shipped
> in Scientific Linux 3, 4, and 5, as they are not compiled with TTF
> Byte Code Interpreter (BCI) support.
>
>
> SL 3.0.x
>
> SRPMS:
> freetype-2.1.4-8.el3.src.rpm
> i386:
> freetype-2.1.4-8.el3.i386.rpm
> freetype-demos-2.1.4-8.el3.i386.rpm
> freetype-devel-2.1.4-8.el3.i386.rpm
> freetype-utils-2.1.4-8.el3.i386.rpm
> x86_64:
> freetype-2.1.4-8.el3.i386.rpm
> freetype-2.1.4-8.el3.x86_64.rpm
> freetype-demos-2.1.4-8.el3.x86_64.rpm
> freetype-devel-2.1.4-8.el3.x86_64.rpm
> freetype-utils-2.1.4-8.el3.x86_64.rpm
>
> SL 4.x
>
> SRPMS:
> freetype-2.1.9-7.el4.6.src.rpm
> i386:
> freetype-2.1.9-7.el4.6.i386.rpm
> freetype-demos-2.1.9-7.el4.6.i386.rpm
> freetype-devel-2.1.9-7.el4.6.i386.rpm
> freetype-utils-2.1.9-7.el4.6.i386.rpm
> x86_64:
> freetype-2.1.9-7.el4.6.i386.rpm
> freetype-2.1.9-7.el4.6.x86_64.rpm
> freetype-demos-2.1.9-7.el4.6.x86_64.rpm
> freetype-devel-2.1.9-7.el4.6.x86_64.rpm
> freetype-utils-2.1.9-7.el4.6.x86_64.rpm
>
> SL 5.x
>
> SRPMS:
> freetype-2.2.1-20.el5_2.src.rpm
> i386:
> freetype-2.2.1-20.el5_2.i386.rpm
> freetype-demos-2.2.1-20.el5_2.i386.rpm
> freetype-devel-2.2.1-20.el5_2.i386.rpm
> x86_64:
> freetype-2.2.1-20.el5_2.i386.rpm
> freetype-2.2.1-20.el5_2.x86_64.rpm
> freetype-demos-2.2.1-20.el5_2.x86_64.rpm
> freetype-devel-2.2.1-20.el5_2.i386.rpm
> freetype-devel-2.2.1-20.el5_2.x86_64.rpm
>
> -Connie Sieh
> -Troy Dawson
>
>
>
--
__________________________________________________
Troy Dawson [log in to unmask] (630)840-6468
Fermilab ComputingDivision/LCSI/CSI DSS Group
__________________________________________________
|
|
|