Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecurityNotifies] [SECURITY] [DSA-2105-1] New freetype packages fix several vulnerabilities

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecurityNotifies] [SECURITY] [DSA-2105-1] New freetype packages fix several vulnerabilities


Chronologisch Thread 
  • From: Giuseppe Iuculano <iuculano AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecurityNotifies] [SECURITY] [DSA-2105-1] New freetype packages fix several vulnerabilities
  • Date: Tue, 7 Sep 2010 22:39:32 +0200
  • List-archive: <https://service.piratenpartei.de/pipermail/it-securitynotifies>
  • List-id: Sicherheitsankündigungen <it-securitynotifies.lists.piratenpartei.de>
  • Old-return-path: <iuculano AT debian.org>
  • Priority: urgent
  • Resent-date: Tue, 7 Sep 2010 20:39:45 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <cMh0QDUOn-C.A.7GH.RMqhMB@liszt>
  • Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-2105-1 security AT debian.org
http://www.debian.org/security/ Giuseppe Iuculano
September 07, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : freetype
Vulnerability : several
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2010-1797 CVE-2010-2541 CVE-2010-2805 CVE-2010-2806
CVE-2010-2807 CVE-2010-2808 CVE-2010-3053


Several vulnerabilities have been discovered in the FreeType font
library. The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2010-1797

Multiple stack-based buffer overflows in the
cff_decoder_parse_charstrings function in the CFF Type2 CharStrings
interpreter in cff/cffgload.c in FreeType allow remote attackers to
execute arbitrary code or cause a denial of service (memory
corruption) via crafted CFF opcodes in embedded fonts in a PDF
document, as demonstrated by JailbreakMe.

CVE-2010-2541

Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType
allows remote attackers to cause a denial of service (application
crash) or possibly execute arbitrary code via a crafted font file.

CVE-2010-2805

The FT_Stream_EnterFrame function in base/ftstream.c in FreeType does
not properly validate certain position values, which allows remote
attackers to cause a denial of service (application crash) or
possibly execute arbitrary code via a crafted font file

CVE-2010-2806

Array index error in the t42_parse_sfnts function in
type42/t42parse.c in FreeType allows remote attackers to cause a
denial of service (application crash) or possibly execute arbitrary
code via negative size values for certain strings in FontType42 font
files, leading to a heap-based buffer overflow.

CVE-2010-2807

FreeType uses incorrect integer data types during bounds checking,
which allows remote attackers to cause a denial of service
(application crash) or possibly execute arbitrary code via a crafted
font file.

CVE-2010-2808

Buffer overflow in the Mac_Read_POST_Resource function in
base/ftobjs.c in FreeType allows remote attackers to cause a denial
of service (memory corruption and application crash) or possibly
execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka
LWFN) font.

CVE-2010-3053

bdf/bdflib.c in FreeType allows remote attackers to cause a denial of
service (application crash) via a crafted BDF font file, related to
an attempted modification of a value in a static string.


For the stable distribution (lenny), these problems have been fixed in
version 2.3.7-2+lenny3

For the unstable distribution (sid) and the testing distribution
(squeeze), these problems have been fixed in version 2.4.2-1


We recommend that you upgrade your freetype package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64,
mips, mipsel, powerpc, s390 and sparc.

Source archives:


http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny3.diff.gz
Size/MD5 checksum: 39230 95a3841e7258573ca2d3e0075b8e7f73

http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7.orig.tar.gz
Size/MD5 checksum: 1567540 c1a9f44fde316470176fd6d66af3a0e8

http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny3.dsc
Size/MD5 checksum: 1219 2a2bf3d4568d92e2a48ebcda38140e73

alpha architecture (DEC Alpha)


http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_alpha.deb
Size/MD5 checksum: 775278 2f2ca060588fc33b6d7baae02201dbd2

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_alpha.deb
Size/MD5 checksum: 412188 ad9537e93ed3fb61f9348470940f3ce5

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_alpha.udeb
Size/MD5 checksum: 296592 e689b1c4b6bd7779e44d1cd641be9622

http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_alpha.deb
Size/MD5 checksum: 253786 287a98ca57139d4dee8041eba2881e3b

amd64 architecture (AMD x86_64 (AMD64))


http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_amd64.deb
Size/MD5 checksum: 713260 f1d4002e7b6d185ff9f46bc25d67c4c9

http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_amd64.deb
Size/MD5 checksum: 223170 cb00f76d826be115243faa9dfd0b8a91

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_amd64.udeb
Size/MD5 checksum: 269796 40762e686138c27ac92b20174e67012e

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_amd64.deb
Size/MD5 checksum: 385848 0294d7e3e1d6b37532f98344a9849cde

arm architecture (ARM)


http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_arm.deb
Size/MD5 checksum: 686154 fbe32c7124ba2ce093b31f46736e002b

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_arm.deb
Size/MD5 checksum: 357158 0d793d543a33cfa192098234c925d639

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_arm.udeb
Size/MD5 checksum: 242196 1cfc9f7dc6a7cd0843aa234bab35b69e

http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_arm.deb
Size/MD5 checksum: 205120 39ab4dfbc19c8a63affc493e0b5aaf2d

armel architecture (ARM EABI)


http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_armel.deb
Size/MD5 checksum: 684568 325686fbc2fba7687da424ada57b9419

http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_armel.deb
Size/MD5 checksum: 209992 69f6a68fb90658ec74dfd7cc7cc0b766

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_armel.udeb
Size/MD5 checksum: 236564 a48afca5c6798d16b140b3362dfac0ca

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_armel.deb
Size/MD5 checksum: 353814 76960109910d6de2f74ec0e345f00854

i386 architecture (Intel ia32)


http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_i386.udeb
Size/MD5 checksum: 254452 a34af74eda0feb2b763cfc6f5b8330c1

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_i386.deb
Size/MD5 checksum: 371586 ec294ffffeb9ddec389e3e988d880534

http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_i386.deb
Size/MD5 checksum: 198558 3283ad058d37eed8bca46df743c6a915

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_i386.deb
Size/MD5 checksum: 684624 014d335b35ed41022adb628796a0c122

ia64 architecture (Intel ia64)


http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_ia64.deb
Size/MD5 checksum: 332160 2dbb364f09414e4b0e0f59d9e91d1edc

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_ia64.deb
Size/MD5 checksum: 876692 2f6d3421d6c8424523388347c5640666

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_ia64.deb
Size/MD5 checksum: 531496 5dd7755f63271f597b64c3f513e8e7f1

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_ia64.udeb
Size/MD5 checksum: 415934 ea2ba16157b3504d8b9c8f251b69b16f

mips architecture (MIPS (Big Endian))


http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_mips.deb
Size/MD5 checksum: 717022 9ee8c246af10f4bf7cdf5cdc54010dd6

http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_mips.deb
Size/MD5 checksum: 213212 3641ad81738e8935c5df2b648383c8e0

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_mips.deb
Size/MD5 checksum: 369018 18559e273ffcea5614e71ab32b95ef47

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_mips.udeb
Size/MD5 checksum: 253924 1be1e224f27a780beb6799d55fa74663

mipsel architecture (MIPS (Little Endian))


http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_mipsel.deb
Size/MD5 checksum: 369772 6181d98166fe1f004fb033f2665ce4af

http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_mipsel.deb
Size/MD5 checksum: 214802 6edbec67ff79e96921d1fe4bf57b0fce

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_mipsel.deb
Size/MD5 checksum: 712502 4a99ccc68b1913f88901c5e0686fea4f

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_mipsel.udeb
Size/MD5 checksum: 254212 e30825a94175fd78a561b8365392cbad

powerpc architecture (PowerPC)


http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_powerpc.udeb
Size/MD5 checksum: 262804 d35ced8ba625f39dc7a04e3e61e0d49d

http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_powerpc.deb
Size/MD5 checksum: 233882 6e294c19dd0109ee80fe6cd401b6a185

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_powerpc.deb
Size/MD5 checksum: 378612 c96a180e7132c543396486b14107cdad

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_powerpc.deb
Size/MD5 checksum: 708212 9602a7786b2ebffd1d75d443901574c5

s390 architecture (IBM S/390)


http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_s390.deb
Size/MD5 checksum: 225190 393c9515f7cd89bcd8b0c38d6d6dd7ac

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_s390.deb
Size/MD5 checksum: 384160 4e20bc56e5fc65fb08529d8765d28850

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_s390.deb
Size/MD5 checksum: 698798 f589b6b8882d998bb7b89fa1dfa40b3a

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_s390.udeb
Size/MD5 checksum: 268272 7b6511b9ad657aa165e906a4fcbfee11

sparc architecture (Sun SPARC/UltraSPARC)


http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_sparc.deb
Size/MD5 checksum: 200078 29c1833cbde5b4da5c2e35aaf856ab58

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_sparc.udeb
Size/MD5 checksum: 235424 e64a8fc3b744253b22161e31fbb6e92a

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_sparc.deb
Size/MD5 checksum: 352544 a7f480889460b104bbab16fd8d8da2d5

http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_sparc.deb
Size/MD5 checksum: 676520 6d0f57a5bd6457a9b9b85271c7001531


These files will probably be moved into the stable distribution on
its next update.

-
---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: debian-security-announce AT lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkyGowMACgkQNxpp46476aos+gCggzMhJbnoGyXAhf8hfIrNJLn7
reQAnj4mmmGRshTxck3LwMxdmtAhb8uJ
=RkKg
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST AT lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster AT lists.debian.org
Archive: 20100907203932.GA10612 AT SD6-Casa.iuculano.it">http://lists.debian.org/20100907203932.GA10612 AT SD6-Casa.iuculano.it




  • [IT-SecurityNotifies] [SECURITY] [DSA-2105-1] New freetype packages fix several vulnerabilities, Giuseppe Iuculano, 07.09.2010

Archiv bereitgestellt durch MHonArc 2.6.19.

Seitenanfang