ELSA-2015-0696 - freetype security update

Type: SECURITY
Impact: IMPORTANT
Release Date: 2015-03-17

Description


[2.3.11-15.el6_6.1]
- Fixes CVE-2014-9657
- Check minimum size of record_size.
- Fixes CVE-2014-9658
- Use correct value for minimum table length test.
- Fixes CVE-2014-9675
- New macro that checks one character more than strncmp.
- Fixes CVE-2014-9660
- Check _BDF_GLYPH_BITS.
- Fixes CVE-2014-9661
- Initialize face->ttf_size.
- Always set face->ttf_size directly.
- Exclusively use the truetype font driver for loading the font contained in the sfnts array.
- Fixes CVE-2014-9663
- Fix order of validity tests.
- Fixes CVE-2014-9664
- Add another boundary testing.
- Fix boundary testing.
- Fixes CVE-2014-9667
- Protect against addition overflow.
- Fixes CVE-2014-9669
- Protect against overflow in additions and multiplications.
- Fixes CVE-2014-9670
- Add sanity checks for row and column values.
- Fixes CVE-2014-9671
- Check size and offset values.
- Fixes CVE-2014-9673
- Fix integer overflow by a broken POST table in resource-fork.
- Fixes CVE-2014-9674
- Fix integer overflow by a broken POST table in resource-fork.
- Additional overflow check in the summation of POST fragment lengths.
- Work around behaviour of X11's pcfWriteFont and pcfReadFont functions
- Resolves: #1197737

[2.3.11-15]
- Fix CVE-2012-5669 (Use correct array size for checking glyph_enc)
- Resolves: #903543


Related CVEs


CVE-2014-9675
CVE-2014-9658
CVE-2014-9671
CVE-2014-9661
CVE-2014-9664
CVE-2014-9657
CVE-2014-9663
CVE-2014-9660
CVE-2014-9667
CVE-2014-9669
CVE-2014-9670
CVE-2014-9673
CVE-2014-9674

Updated Packages


| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|---|---|---|---|---|
| Oracle Linux 6 (i386) | freetype-2.3.11-15.el6_6.1.src.rpm | 7aacd63b60047b3ea24657f240604aa1958a83abf40196f35055b332376dcf8e | ELSA-2019-4254 | ol6_i386_latest_archive |
| Oracle Linux 6 (i386) | freetype-2.3.11-15.el6_6.1.src.rpm | 7aacd63b60047b3ea24657f240604aa1958a83abf40196f35055b332376dcf8e | ELSA-2019-4254 | ol6_u6_i386_patch |
| Oracle Linux 6 (i386) | freetype-2.3.11-15.el6_6.1.src.rpm | 7aacd63b60047b3ea24657f240604aa1958a83abf40196f35055b332376dcf8e | ELSA-2019-4254 | ol6_u7_i386_base |
| Oracle Linux 6 (i386) | freetype-2.3.11-15.el6_6.1.i686.rpm | 6be7daa21ee9b1d040ff2e3c3400e8ac94795e90b38b52fd286752eadf565a2f | ELSA-2019-4254 | ol6_i386_latest_archive |
| Oracle Linux 6 (i386) | freetype-2.3.11-15.el6_6.1.i686.rpm | 6be7daa21ee9b1d040ff2e3c3400e8ac94795e90b38b52fd286752eadf565a2f | ELSA-2019-4254 | ol6_u6_i386_patch |
| Oracle Linux 6 (i386) | freetype-2.3.11-15.el6_6.1.i686.rpm | 6be7daa21ee9b1d040ff2e3c3400e8ac94795e90b38b52fd286752eadf565a2f | ELSA-2019-4254 | ol6_u7_i386_base |
| Oracle Linux 6 (i386) | freetype-demos-2.3.11-15.el6_6.1.i686.rpm | 9ac79f8eb9cb749e3524069627f4de9b63f48a19300783d3cc7c4a3f24949ffa | ELSA-2019-4254 | ol6_i386_latest_archive |
| Oracle Linux 6 (i386) | freetype-demos-2.3.11-15.el6_6.1.i686.rpm | 9ac79f8eb9cb749e3524069627f4de9b63f48a19300783d3cc7c4a3f24949ffa | ELSA-2019-4254 | ol6_u6_i386_patch |
| Oracle Linux 6 (i386) | freetype-demos-2.3.11-15.el6_6.1.i686.rpm | 9ac79f8eb9cb749e3524069627f4de9b63f48a19300783d3cc7c4a3f24949ffa | ELSA-2019-4254 | ol6_u7_i386_base |
| Oracle Linux 6 (i386) | freetype-devel-2.3.11-15.el6_6.1.i686.rpm | cd1064439cfef6a1d3c9ac38e0c16b2ba73a8b8b19b3e67e0cd50e8d613e8231 | ELSA-2019-4254 | ol6_i386_latest_archive |
| Oracle Linux 6 (i386) | freetype-devel-2.3.11-15.el6_6.1.i686.rpm | cd1064439cfef6a1d3c9ac38e0c16b2ba73a8b8b19b3e67e0cd50e8d613e8231 | ELSA-2019-4254 | ol6_u6_i386_patch |
| Oracle Linux 6 (i386) | freetype-devel-2.3.11-15.el6_6.1.i686.rpm | cd1064439cfef6a1d3c9ac38e0c16b2ba73a8b8b19b3e67e0cd50e8d613e8231 | ELSA-2019-4254 | ol6_u7_i386_base |
| Oracle Linux 6 (x86_64) | freetype-2.3.11-15.el6_6.1.src.rpm | 7aacd63b60047b3ea24657f240604aa1958a83abf40196f35055b332376dcf8e | ELSA-2019-4254 | ol6_u6_x86_64_patch |
| Oracle Linux 6 (x86_64) | freetype-2.3.11-15.el6_6.1.src.rpm | 7aacd63b60047b3ea24657f240604aa1958a83abf40196f35055b332376dcf8e | ELSA-2019-4254 | ol6_u7_x86_64_base |
| Oracle Linux 6 (x86_64) | freetype-2.3.11-15.el6_6.1.src.rpm | 7aacd63b60047b3ea24657f240604aa1958a83abf40196f35055b332376dcf8e | ELSA-2019-4254 | ol6_x86_64_latest_archive |
| Oracle Linux 6 (x86_64) | freetype-2.3.11-15.el6_6.1.i686.rpm | 6be7daa21ee9b1d040ff2e3c3400e8ac94795e90b38b52fd286752eadf565a2f | ELSA-2019-4254 | ol6_u6_x86_64_patch |
| Oracle Linux 6 (x86_64) | freetype-2.3.11-15.el6_6.1.i686.rpm | 6be7daa21ee9b1d040ff2e3c3400e8ac94795e90b38b52fd286752eadf565a2f | ELSA-2019-4254 | ol6_u7_x86_64_base |
| Oracle Linux 6 (x86_64) | freetype-2.3.11-15.el6_6.1.i686.rpm | 6be7daa21ee9b1d040ff2e3c3400e8ac94795e90b38b52fd286752eadf565a2f | ELSA-2019-4254 | ol6_x86_64_latest_archive |
| Oracle Linux 6 (x86_64) | freetype-2.3.11-15.el6_6.1.x86_64.rpm | 10034fe5123c5cfdb4fd62de557de6824370e3a1009a7d559a4d81ace33b31b2 | ELSA-2019-4254 | exadata_dbserver_12.1.2.1.2_x86_64_base |
| Oracle Linux 6 (x86_64) | freetype-2.3.11-15.el6_6.1.x86_64.rpm | 10034fe5123c5cfdb4fd62de557de6824370e3a1009a7d559a4d81ace33b31b2 | ELSA-2019-4254 | exadata_dbserver_12.1.2.1.3_x86_64_base |
| Oracle Linux 6 (x86_64) | freetype-2.3.11-15.el6_6.1.x86_64.rpm | 10034fe5123c5cfdb4fd62de557de6824370e3a1009a7d559a4d81ace33b31b2 | ELSA-2019-4254 | ol6_u6_x86_64_patch |
| Oracle Linux 6 (x86_64) | freetype-2.3.11-15.el6_6.1.x86_64.rpm | 10034fe5123c5cfdb4fd62de557de6824370e3a1009a7d559a4d81ace33b31b2 | ELSA-2019-4254 | ol6_u7_x86_64_base |
| Oracle Linux 6 (x86_64) | freetype-2.3.11-15.el6_6.1.x86_64.rpm | 10034fe5123c5cfdb4fd62de557de6824370e3a1009a7d559a4d81ace33b31b2 | ELSA-2019-4254 | ol6_x86_64_latest_archive |
| Oracle Linux 6 (x86_64) | freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm | c950f3cdc810d42d46059940eaace0afea7e3df6fb39d35aa8e921320606eed9 | ELSA-2019-4254 | ol6_u6_x86_64_patch |
| Oracle Linux 6 (x86_64) | freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm | c950f3cdc810d42d46059940eaace0afea7e3df6fb39d35aa8e921320606eed9 | ELSA-2019-4254 | ol6_u7_x86_64_base |
| Oracle Linux 6 (x86_64) | freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm | c950f3cdc810d42d46059940eaace0afea7e3df6fb39d35aa8e921320606eed9 | ELSA-2019-4254 | ol6_x86_64_latest_archive |
| Oracle Linux 6 (x86_64) | freetype-devel-2.3.11-15.el6_6.1.i686.rpm | cd1064439cfef6a1d3c9ac38e0c16b2ba73a8b8b19b3e67e0cd50e8d613e8231 | ELSA-2019-4254 | ol6_u6_x86_64_patch |
| Oracle Linux 6 (x86_64) | freetype-devel-2.3.11-15.el6_6.1.i686.rpm | cd1064439cfef6a1d3c9ac38e0c16b2ba73a8b8b19b3e67e0cd50e8d613e8231 | ELSA-2019-4254 | ol6_u7_x86_64_base |
| Oracle Linux 6 (x86_64) | freetype-devel-2.3.11-15.el6_6.1.i686.rpm | cd1064439cfef6a1d3c9ac38e0c16b2ba73a8b8b19b3e67e0cd50e8d613e8231 | ELSA-2019-4254 | ol6_x86_64_latest_archive |
| Oracle Linux 6 (x86_64) | freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm | ab87f2426add7c0a27a26e4e67ef79d9a519a5c505dea8ea96f9a3eb1dd7c992 | ELSA-2019-4254 | ol6_u6_x86_64_patch |
| Oracle Linux 6 (x86_64) | freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm | ab87f2426add7c0a27a26e4e67ef79d9a519a5c505dea8ea96f9a3eb1dd7c992 | ELSA-2019-4254 | ol6_u7_x86_64_base |
| Oracle Linux 6 (x86_64) | freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm | ab87f2426add7c0a27a26e4e67ef79d9a519a5c505dea8ea96f9a3eb1dd7c992 | ELSA-2019-4254 | ol6_x86_64_latest_archive |
| Oracle Linux 7 (x86_64) | freetype-2.4.11-10.el7_1.1.src.rpm | 837b515c2116ea70f3f4682f20300e6de61b3a80cb8ed287ae6bce953e9e18af | ELSA-2020-4907 | ol7_x86_64_latest_archive |
| Oracle Linux 7 (x86_64) | freetype-2.4.11-10.el7_1.1.src.rpm | 837b515c2116ea70f3f4682f20300e6de61b3a80cb8ed287ae6bce953e9e18af | ELSA-2020-4907 | ol7_x86_64_optional_archive |
| Oracle Linux 7 (x86_64) | freetype-2.4.11-10.el7_1.1.src.rpm | 837b515c2116ea70f3f4682f20300e6de61b3a80cb8ed287ae6bce953e9e18af | ELSA-2020-4907 | ol7_x86_64_u1_patch |
| Oracle Linux 7 (x86_64) | freetype-2.4.11-10.el7_1.1.i686.rpm | 70d8d14a076e666b2b92071fc87810b8160654946909f9c90e8f497892a589aa | ELSA-2020-4907 | ol7_x86_64_latest_archive |
| Oracle Linux 7 (x86_64) | freetype-2.4.11-10.el7_1.1.i686.rpm | 70d8d14a076e666b2b92071fc87810b8160654946909f9c90e8f497892a589aa | ELSA-2020-4907 | ol7_x86_64_u1_patch |
| Oracle Linux 7 (x86_64) | freetype-2.4.11-10.el7_1.1.x86_64.rpm | 28e7c67351c120660c16b531b5a4c0a56910c23c5728372b4bf584015836dfa0 | ELSA-2020-4907 | ol7_x86_64_latest_archive |
| Oracle Linux 7 (x86_64) | freetype-2.4.11-10.el7_1.1.x86_64.rpm | 28e7c67351c120660c16b531b5a4c0a56910c23c5728372b4bf584015836dfa0 | ELSA-2020-4907 | ol7_x86_64_u1_patch |
| Oracle Linux 7 (x86_64) | freetype-demos-2.4.11-10.el7_1.1.x86_64.rpm | 680bb53a994cdd5dbdabdfa5c3383a69c25932c4458bce2fb2bc14323a822c56 | ELSA-2020-4907 | ol7_x86_64_optional_archive |
| Oracle Linux 7 (x86_64) | freetype-devel-2.4.11-10.el7_1.1.i686.rpm | dff5860accad268c9888f230414f4e396bc99680e70089d914582a6e44976c09 | ELSA-2020-4907 | ol7_x86_64_latest_archive |
| Oracle Linux 7 (x86_64) | freetype-devel-2.4.11-10.el7_1.1.i686.rpm | dff5860accad268c9888f230414f4e396bc99680e70089d914582a6e44976c09 | ELSA-2020-4907 | ol7_x86_64_u1_patch |
| Oracle Linux 7 (x86_64) | freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm | d9570ce847599b480b5e56050cbe8ae8a4be0a5bac51c811b4add4febf886fbd | ELSA-2020-4907 | ol7_x86_64_latest_archive |
| Oracle Linux 7 (x86_64) | freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm | d9570ce847599b480b5e56050cbe8ae8a4be0a5bac51c811b4add4febf886fbd | ELSA-2020-4907 | ol7_x86_64_u1_patch |



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team