Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Ubuntu: 972-1: FreeType vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu It was discovered that FreeType did not correctly handle certain malformedfont files. If a user were tricked into using a specially crafted fontfile, a remote attacker could cause FreeType to crash or possibly executearbitrary code with user privileges. [More...]
Ubuntu Security Notice USN-972-1            August 17, 2010
freetype vulnerabilities
CVE-2010-1797, CVE-2010-2541, CVE-2010-2805, CVE-2010-2806,
CVE-2010-2807, CVE-2010-2808

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 9.04
Ubuntu 9.10
Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libfreetype6                    2.1.10-1ubuntu2.8

Ubuntu 8.04 LTS:
  libfreetype6                    2.3.5-1ubuntu4.8.04.4

Ubuntu 9.04:
  libfreetype6                    2.3.9-4ubuntu0.3

Ubuntu 9.10:
  libfreetype6                    2.3.9-5ubuntu0.2

Ubuntu 10.04 LTS:
  libfreetype6                    2.3.11-1ubuntu2.2

After a standard system update you need to restart your session to make
all the necessary changes.

Details follow:

It was discovered that FreeType did not correctly handle certain malformed
font files. If a user were tricked into using a specially crafted font
file, a remote attacker could cause FreeType to crash or possibly execute
arbitrary code with user privileges.

Updated packages for Ubuntu 6.06 LTS:

  Source archives:
      Size/MD5:    70961 d986f14b69d50fe1884e8dd5f9386731
      Size/MD5:      719 a91985ecc92b75aa3f3647506bad4039
      Size/MD5:  1323617 adf145ce51196ad1b3054d5fb032efe6

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   717794 f332d5b1974aa53f200e4e6ecf9df088
      Size/MD5:   440974 afa83868cc67cec692f72a9dc93635ff
      Size/MD5:   133902 dca56851436275285b4563c96388a070
      Size/MD5:   251958 358627e207009dbe0c5be095e7bed18d

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   677592 ee43f5e97f31b8da57582dbdb1e63033
      Size/MD5:   416328 ef092c08ba2c167af0da25ab743ea663
      Size/MD5:   117302 b2633ed4487657fe349fd3de76fce405
      Size/MD5:   227436 f55ab8a9bb7e76ad743f6c0fa2974e64

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   708654 ee71c714e62e96a9af4cf7ba909142e6
      Size/MD5:   431036 4f1c6a1e28d3a14b593bef37605119ab
      Size/MD5:   134260 66ba7d95f551eaadb1bba5a56d76529d
      Size/MD5:   241726 d2c4f13b12c8280b1fad56cdc0965502

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   683964 49df9101deb9a317229351d72b5804ec
      Size/MD5:   411982 efaca20d5deec9e51be023710902852b
      Size/MD5:   120138 ff723720ed499e40049e3487844b9db3
      Size/MD5:   222676 71f172ba71fc507b04e5337d55b32ed6

Updated packages for Ubuntu 8.04 LTS:

  Source archives:
      Size/MD5:    40949 1cc5014da4db8200edb54df32561fcd0
      Size/MD5:      907 7f698125814f4ca67a01b0a66d9bcfe9
      Size/MD5:  1536077 4a5bdbe1ab92f3fe4c4816f9934a5ec2

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   694322 c740e1665d09a0c691163a543c8d650b
      Size/MD5:   362386 5b085e83764fcda129bede2c5c4ca179
      Size/MD5:   221392 dbebbbaffc086dccf550468fff1daa92
      Size/MD5:   258454 f3903d4e43891753f3c6439cd862617f

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   663330 7601af27049730f0f7afcfa30244ae88
      Size/MD5:   347172 de53a441e28e385598d20333ff636026
      Size/MD5:   201266 c9c50bdc87d0a46fc43f3bbca26adec5
      Size/MD5:   243462 16bb61f604fe48a301f6faeaa094d266

  lpia architecture (Low Power Intel Architecture):
      Size/MD5:   665120 bf0dcd13b8a171f6a740ca225d943e68
      Size/MD5:   347512 d2beee3ccf7fe0233825d46cc61ca62d
      Size/MD5:   205560 7879f630a5356e3d6e9c0609e8008de9
      Size/MD5:   244324 4e10fb5e68a78312eb02c69508120c6a

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   687156 6d36300396fa84d6f889147b0247f385
      Size/MD5:   358086 06b9874cc9ba11fdb6feb10b0831e890
      Size/MD5:   235578 ce514bab4cbc028a0451742c38c633cd
      Size/MD5:   254526 d50f40a9421b52f4302c4d260170edb3

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   658094 184f0f51023baa8ce459fababaa190d9
      Size/MD5:   332124 5aa036de5269896c893ea8f825329b84
      Size/MD5:   199782 9323f9209333cf42114e97d3305d901c
      Size/MD5:   227810 7657e99ad137ad5ce654b74cfbbfdc10

Updated packages for Ubuntu 9.04:

  Source archives:
      Size/MD5:    44032 17b27322a6448d40599c55561209c940
      Size/MD5:     1311 5124a4df7016a625a631c1ff4661aae9
      Size/MD5:  1624314 7b2ab681f1a436876ed888041204e478

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   729408 788a2af765a8356c4a7c01e893695b0b
      Size/MD5:   272950 a1f9a0ad0d036e5a14b073c139ce5408
      Size/MD5:   407052 bfd510dc0c46a0f25dd3329693ee66a8
      Size/MD5:   226474 9b8e6c521d8629b9b1db2760209460a3

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   697818 9176ee8649b8441333d7c5d9359c53a6
      Size/MD5:   257896 c26f46491d69a174fa9cad126a3201cf
      Size/MD5:   392692 648d0605a187b74291b3233e5e4930e3
      Size/MD5:   198834 0b41da08de5417a7db21e24e730e03d9

  lpia architecture (Low Power Intel Architecture):
      Size/MD5:   698682 12c20dd647db986bd87a250d8706e8e8
      Size/MD5:   257736 dee60e4b8a1824d2aa13364ec0f01602
      Size/MD5:   392978 e19bcc3c8c0cec76227c64843b01516a
      Size/MD5:   201636 a558e986b6c6e878e115126e7d3a28a5

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   720040 70c8792cddd9cfe45480f8d760dd0163
      Size/MD5:   265790 b356a500845d045f431db6ef4db4f811
      Size/MD5:   400532 91aa4eea6b8e9b67a721b552caab8468
      Size/MD5:   227834 fa22e303b8d06dfb99a8c3c1f2980061

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   689244 dff22369b1bb07d4ef7c6d9f474149db
      Size/MD5:   238164 cb1e597bd0065d2ffbad763a52088c1d
      Size/MD5:   372422 c6f36ae3119f8f17368d796943ba9908
      Size/MD5:   201390 c3f108859375787b11190d3c5a1d966b

Updated packages for Ubuntu 9.10:

  Source archives:
      Size/MD5:    43530 f78681f1641b93f34d41ff4d6f31eb71
      Size/MD5:     1311 8a9a302e0a62f2dbe2a62aba456e2108
      Size/MD5:  1624314 7b2ab681f1a436876ed888041204e478

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   731028 3b5ed0ad073cca0c1eee212b0e12f255
      Size/MD5:   275110 a23822489a0d7d45152f341b86f0df20
      Size/MD5:   409362 ba180d650e17df6980ca09b8d1a109e1
      Size/MD5:   230774 a0a51691eefc0fb6e94d41c3282c3ab2

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   696892 ad2164ed812ccd9cf7829659cff219c7
      Size/MD5:   258710 c2d256e87eaee83ab83592247588bee7
      Size/MD5:   393912 c8d04b785d17066229bab50a3c13e1af
      Size/MD5:   195702 02aa03f1f62a61383d829b5bf494b7b0

  lpia architecture (Low Power Intel Architecture):
      Size/MD5:   699382 ff8200917b43322062d2f3b5f3f6bab8
      Size/MD5:   259348 0395bdbaf357d161d0f1d3b257ae4732
      Size/MD5:   394122 8481f2e278a5da28b28ef0fa79207662
      Size/MD5:   198546 a3f0a848da83a64d14344b6744b33a90

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   719762 bd7185c852b151794c27f8c2ead4da94
      Size/MD5:   264578 58a77cbf2ae4c2a447a81cce72f6b8c5
      Size/MD5:   399118 c943fa66513b862ccb6ac99699c9e33c
      Size/MD5:   203834 842dd94d9b3fad52c0b1b6489775d2ea

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   691054 557de31093ac67c2dedec97e55998295
      Size/MD5:   240534 f3c79ed9e84e7169851de3f432b613c3
      Size/MD5:   374982 e84af1b516f050ee9bdb93c213994943
      Size/MD5:   195786 599978c8d9cff2525eba228c793833c3

Updated packages for Ubuntu 10.04:

  Source archives:
      Size/MD5:    41646 9b97425327300eda74c492034fed50ad
      Size/MD5:     1313 b7b625334a0d9c926bf34cc83dcc904c
      Size/MD5:  1709600 5aa22c0bc6aa3815b40a309ead2b9d1b

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   739530 db9147ce9477b7ab22374f89d24b24ca
      Size/MD5:   277536 35fc46f3c281aee82eeed4e00cfdacdc
      Size/MD5:   434932 1bf8e620c3008504b87354470e7be9a5
      Size/MD5:   221434 4b4fcbd633bf1b3c2151617adae44835

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   704694 f58601afde2b4bc257492762654cbf94
      Size/MD5:   260916 a540a7f9ae973bce66bbd3fdb9a4f849
      Size/MD5:   419000 d4a78ce7ae146caa59b61f43b27d363c
      Size/MD5:   188710 e94b4202fcfe184fdf81409fe610a42a

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   728090 5f2e98a54cb2a0ac03591c387aacf461
      Size/MD5:   266750 66bf2b146ab219d1b78e1887d0053f2a
      Size/MD5:   424614 fd964644b45bbbc79729c9609c4b6bb8
      Size/MD5:   196686 b88a8cebff19c95b6c9c161f7d1bb472

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   707164 bf26d7cb1aa3f759ca31510f92888053
      Size/MD5:   250768 100b4d4b270421fb1dcb503c88b547e8
      Size/MD5:   408132 b009cd0f1aafa500f8cc16273e9f2ed9
      Size/MD5:   198302 504ec3da9ee2048391e2c4035d7149fc

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
FBI Quietly Removes Recommendation To Encrypt Your Phone
And the prize for LEAST SECURE BROWSER goes to ... Chrome!
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.