ELSA-2015-0696
- ULN >
- Oracle Linux Errata repository >
- ELSA-2015-0696
ELSA-2015-0696 - freetype security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2015-03-17 |
Description
[2.3.11-15.el6_6.1]
- Fixes CVE-2014-9657
- Check minimum size of record_size.
- Fixes CVE-2014-9658
- Use correct value for minimum table length test.
- Fixes CVE-2014-9675
- New macro that checks one character more than strncmp.
- Fixes CVE-2014-9660
- Check _BDF_GLYPH_BITS.
- Fixes CVE-2014-9661
- Initialize face->ttf_size.
- Always set face->ttf_size directly.
- Exclusively use the truetype font driver for loading
the font contained in the sfnts array.
- Fixes CVE-2014-9663
- Fix order of validity tests.
- Fixes CVE-2014-9664
- Add another boundary testing.
- Fix boundary testing.
- Fixes CVE-2014-9667
- Protect against addition overflow.
- Fixes CVE-2014-9669
- Protect against overflow in additions and multiplications.
- Fixes CVE-2014-9670
- Add sanity checks for row and column values.
- Fixes CVE-2014-9671
- Check size and offset values.
- Fixes CVE-2014-9673
- Fix integer overflow by a broken POST table in resource-fork.
- Fixes CVE-2014-9674
- Fix integer overflow by a broken POST table in resource-fork.
- Additional overflow check in the summation of POST fragment lengths.
- Work around behaviour of X11s pcfWriteFont and pcfReadFont functions
- Resolves: #1197737
[2.3.11-15]
- Fix CVE-2012-5669
(Use correct array size for checking glyph_enc)
- Resolves: #903543
Related CVEs
| CVE-2014-9657 |
| CVE-2014-9658 |
| CVE-2014-9660 |
| CVE-2014-9661 |
| CVE-2014-9663 |
| CVE-2014-9664 |
| CVE-2014-9667 |
| CVE-2014-9669 |
| CVE-2014-9670 |
| CVE-2014-9671 |
| CVE-2014-9673 |
| CVE-2014-9674 |
| CVE-2014-9675 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 6 (i386) | freetype-2.3.11-15.el6_6.1.src.rpm | 7227331a451e5b7afdd5b4b2ea74d0a6 | ELSA-2019-4254 |
| freetype-2.3.11-15.el6_6.1.i686.rpm | 04b8b2f3363b511fc61d9d724267ede6 | ELSA-2019-4254 | |
| freetype-demos-2.3.11-15.el6_6.1.i686.rpm | 67b7766efc837f8394698bd4fdd9ad1a | ELSA-2019-4254 | |
| freetype-devel-2.3.11-15.el6_6.1.i686.rpm | 60e333d3b175492448e8d28a1f354a2b | ELSA-2019-4254 | |
| Oracle Linux 6 (x86_64) | freetype-2.3.11-15.el6_6.1.src.rpm | 7227331a451e5b7afdd5b4b2ea74d0a6 | ELSA-2019-4254 |
| freetype-2.3.11-15.el6_6.1.i686.rpm | 04b8b2f3363b511fc61d9d724267ede6 | ELSA-2019-4254 | |
| freetype-2.3.11-15.el6_6.1.x86_64.rpm | 543a3d41a1f3b45b9b928cbe09260f41 | ELSA-2019-4254 | |
| freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm | d36491b1e1c8d54089f9e30f1b17616a | ELSA-2019-4254 | |
| freetype-devel-2.3.11-15.el6_6.1.i686.rpm | 60e333d3b175492448e8d28a1f354a2b | ELSA-2019-4254 | |
| freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm | 9d39f82544187de64d604f22b728ceb3 | ELSA-2019-4254 | |
| Oracle Linux 7 (x86_64) | freetype-2.4.11-10.el7_1.1.src.rpm | b9008c46f4626f4ab3d776ea19f709be | ELSA-2020-4907 |
| freetype-2.4.11-10.el7_1.1.i686.rpm | b9861c6d2bb80c2530ff49b7282056fa | ELSA-2020-4907 | |
| freetype-2.4.11-10.el7_1.1.x86_64.rpm | 27965d13608fcbae3a56c048323d98a8 | ELSA-2020-4907 | |
| freetype-demos-2.4.11-10.el7_1.1.x86_64.rpm | 46c11c7b2365f6fb1db91d7bc98cc93c | ELSA-2020-4907 | |
| freetype-devel-2.4.11-10.el7_1.1.i686.rpm | dfffa29510e8fbfa5806c88a665e6b53 | ELSA-2020-4907 | |
| freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm | e39e1d5b69278522384c573f227cee18 | ELSA-2020-4907 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
