[SECURITY] Fedora 12 Update: freetype-2.3.11-7.fc12

updates at fedoraproject.org updates at fedoraproject.org
Sun Nov 21 21:56:42 UTC 2010


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-17755
2010-11-15 21:22:38
--------------------------------------------------------------------------------

Name        : freetype
Product     : Fedora 12
Version     : 2.3.11
Release     : 7.fc12
URL         : http://www.freetype.org
Summary     : A free and portable font rendering engine
Description :
The FreeType engine is a free and portable font rendering
engine, developed to provide advanced font support for a variety of
platforms and environments. FreeType is a library which can open and
manages font files as well as efficiently load, hint and render
individual glyphs. FreeType is not a font server or a complete
text-rendering library.

--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 15 2010 Marek Kasik <mkasik at redhat.com> 2.3.11-7
- Add freetype-2.3.11-CVE-2010-3855.patch
    (Protect against invalid `runcnt' values.)
- Resolves: #651764
* Mon Oct  4 2010 Marek Kasik <mkasik at redhat.com> 2.3.11-6
- Add freetype-2.3.11-CVE-2010-2805.patch
    (Fix comparison.)
- Add freetype-2.3.11-CVE-2010-2806.patch
    (Protect against negative string_size. Fix comparison.)
- Add freetype-2.3.11-CVE-2010-2808.patch
    (Check the total length of collected POST segments.)
- Add freetype-2.3.11-CVE-2010-3311.patch
    (Don't seek behind end of stream.)
- Resolves: #638522
* Mon Oct  4 2010 Marek Kasik <mkasik at redhat.com> 2.3.11-5
- Add freetype-2.3.11-CVE-2010-1797.patch
    (Check stack after execution of operations too.
     Skip the evaluations of the values in decoder, if
     cff_decoder_parse_charstrings() returns any error.)
- Resolves: #621627
* Fri Oct  1 2010 Marek Kasik <mkasik at redhat.com> 2.3.11-4
- Add freetype-2.3.11-CVE-2010-2498.patch
    (Assure that `end_point' is not larger than `glyph->num_points')
- Add freetype-2.3.11-CVE-2010-2499.patch
    (Check the buffer size during gathering PFB fragments)
- Add freetype-2.3.11-CVE-2010-2500.patch
    (Use smaller threshold values for `width' and `height')
- Add freetype-2.3.11-CVE-2010-2519.patch
    (Check `rlen' the length of fragment declared in the POST fragment header)
- Add freetype-2.3.11-CVE-2010-2520.patch
    (Fix bounds check)
- Add freetype-2.3.11-CVE-2010-2527.patch
    (Use precision for `%s' where appropriate to avoid buffer overflows)
- Add freetype-2.3.11-CVE-2010-2541.patch
    (Avoid overflow when dealing with names of axes)
- Resolves: #613299
* Thu Dec  3 2009 Behdad Esfahbod <behdad at redhat.com> 2.3.11-3
- Add freetype-2.3.11-more-demos.patch
- New demo programs ftmemchk, ftpatchk, and fttimer
* Thu Dec  3 2009 Behdad Esfahbod <behdad at redhat.com> 2.3.11-2
- Second try.  Drop upstreamed patches.
* Thu Dec  3 2009 Behdad Esfahbod <behdad at redhat.com> 2.3.11-1
- 2.3.11
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #645275 - CVE-2010-3855 Freetype : Heap based buffer overflow in ft_var_readpackedpoints()
        https://bugzilla.redhat.com/show_bug.cgi?id=645275
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update freetype' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list