Pardus: 2010-114: FreeType: Multiple Vulnerabilities
Posted by Benjamin D. Thomas   
Multiple vulnerabilities have been fixed in FreeType.
------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-114           security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-08-12
  Severity: 4
      Type: Remote
------------------------------------------------------------------------

Summary
======
Multiple vulnerabilities have been fixed in FreeType.


Description
==========
CVE-2010-1797:

Buffer  overflow errors   in   the   "cff_decoder_parse_charstrings()"
[src/cff/cffgload.c] function when processing Compact Font Format (CFF)
opcodes allows remote attackers to crash an affected application linked
against a vulnerable library, or execute arbitrary code via a malicious
font. Stack overflow vulnerability was found allow remote attarckers to
execute arbitrary code.



CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-2808:

Memory corruption flaws were found in the way FreeType  font  rendering
engine processed certain Adobe Type 1 Mac Font File  (LWFN)  fonts.  An
attacker could use this flaw to create a  specially-crafted  font  file
that, when opened, would cause an application linked against libfreetype
to crash, or, possibly execute arbitrary code.



Affected packages:

  Pardus 2009:
    freetype, all before 2.4.2-42-11


Resolution
=========
There are update(s) for freetype.  You  can  update  them  via  Package
Manager or with a single command from console:

    pisi up freetype

References
=========
  * http://bugs.pardus.org.tr/show_bug.cgi?id925
  * http://bugs.pardus.org.tr/show_bug.cgi?id929
  * http://www.vupen.com/english/advisories/2010/2018

------------------------------------------------------------------------