LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

May 2009

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA May 2009

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Security ERRATA Important: freetype on SL3.x, SL4.x, SL5.x i386/x86_64
From:	Troy Dawson <[log in to unmask]>
Reply To:	Troy Dawson <[log in to unmask]>
Date:	Mon, 25 May 2009 10:51:38 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (85 lines)

Synopsis:	Important: freetype security update
Issue date:	2009-05-22
CVE Names:	CVE-2006-1861 CVE-2007-2754 CVE-2008-1808
                   CVE-2009-0946

Tavis Ormandy of the Google Security Team discovered several integer
overflow flaws in the FreeType 2 font engine. If a user loaded a
carefully-crafted font file with an application linked against FreeType 
2, it could cause the application to crash or, possibly, execute 
arbitrary code with the privileges of the user running the application.
(CVE-2009-0946)

Chris Evans discovered multiple integer overflow flaws in the FreeType 
font engine. If a user loaded a carefully-crafted font file with an 
application linked against FreeType, it could cause the application to 
crash or, possibly, execute arbitrary code with the privileges of the 
user running the application. (CVE-2006-1861)

An integer overflow flaw was found in the way the FreeType font engine
processed TrueType® Font (TTF) files. If a user loaded a 
carefully-crafted font file with an application linked against FreeType, 
it could cause the application to crash or, possibly, execute arbitrary 
code with the privileges of the user running the application. 
(CVE-2007-2754)

A flaw was discovered in the FreeType TTF font-file format parser when 
the TrueType virtual machine Byte Code Interpreter (BCI) is enabled. If 
a user loaded a carefully-crafted font file with an application linked 
against FreeType, it could cause the application to crash or, possibly, 
execute arbitrary code with the privileges of the user running the 
application. (CVE-2008-1808)

The X server must be restarted (log out, then log back in) for this 
update to take effect.

SL 3.0.x

       SRPMS:
freetype-2.1.4-12.el3.src.rpm
       i386:
freetype-2.1.4-12.el3.i386.rpm
freetype-demos-2.1.4-12.el3.i386.rpm
freetype-devel-2.1.4-12.el3.i386.rpm
freetype-utils-2.1.4-12.el3.i386.rpm
       x86_64:
freetype-2.1.4-12.el3.i386.rpm
freetype-2.1.4-12.el3.x86_64.rpm
freetype-demos-2.1.4-12.el3.x86_64.rpm
freetype-devel-2.1.4-12.el3.x86_64.rpm
freetype-utils-2.1.4-12.el3.x86_64.rpm

SL 4.x

       SRPMS:
freetype-2.1.9-10.el4.7.src.rpm
       i386:
freetype-2.1.9-10.el4.7.i386.rpm
freetype-demos-2.1.9-10.el4.7.i386.rpm
freetype-devel-2.1.9-10.el4.7.i386.rpm
freetype-utils-2.1.9-10.el4.7.i386.rpm
       x86_64:
freetype-2.1.9-10.el4.7.i386.rpm
freetype-demos-2.1.9-10.el4.7.i386.rpm
freetype-devel-2.1.9-10.el4.7.i386.rpm
freetype-utils-2.1.9-10.el4.7.i386.rpm

SL 5.x

       SRPMS:
freetype-2.2.1-21.el5_3.src.rpm
       i386:
freetype-2.2.1-21.el5_3.i386.rpm
freetype-demos-2.2.1-21.el5_3.i386.rpm
freetype-devel-2.2.1-21.el5_3.i386.rpm
       x86_64:
freetype-2.2.1-21.el5_3.i386.rpm
freetype-2.2.1-21.el5_3.x86_64.rpm
freetype-demos-2.2.1-21.el5_3.x86_64.rpm
freetype-devel-2.2.1-21.el5_3.i386.rpm
freetype-devel-2.2.1-21.el5_3.x86_64.rpm


-Connie Sieh
-Troy Dawson

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV