Linux Security
Linux Security
Linux Security

Debian: DSA-2105-1: New freetype packages fix several vulnerabilities

Date 07 Sep 2010
154
Posted By LinuxSecurity Advisories
Several vulnerabilities have been discovered in the FreeType font library. The Common Vulnerabilities and Exposures project identifies the following problems:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-2105-1                  This email address is being protected from spambots. You need JavaScript enabled to view it.
https://www.debian.org/security/                        Giuseppe Iuculano
September 07, 2010                    https://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : freetype
Vulnerability  : several
Problem type   : local(remote)
Debian-specific: no
CVE Id(s)      : CVE-2010-1797 CVE-2010-2541 CVE-2010-2805 CVE-2010-2806
                 CVE-2010-2807 CVE-2010-2808 CVE-2010-3053


Several vulnerabilities have been discovered in the FreeType font 
library. The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2010-1797

  Multiple stack-based buffer overflows in the 
  cff_decoder_parse_charstrings function in the CFF Type2 CharStrings
  interpreter in cff/cffgload.c in FreeType allow remote attackers to
  execute arbitrary code or cause a denial of service (memory
  corruption) via crafted CFF opcodes in embedded fonts in a PDF
  document, as demonstrated by JailbreakMe.

CVE-2010-2541

  Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType
  allows remote attackers to cause a denial of service (application
  crash) or possibly execute arbitrary code via a crafted font file.

CVE-2010-2805

  The FT_Stream_EnterFrame function in base/ftstream.c in FreeType does
  not properly validate certain position values, which allows remote
  attackers to cause a denial of service (application crash) or
  possibly execute arbitrary code via a crafted font file

CVE-2010-2806

  Array index error in the t42_parse_sfnts function in
  type42/t42parse.c in FreeType allows remote attackers to cause a
  denial of service (application crash) or possibly execute arbitrary
  code via negative size values for certain strings in FontType42 font
  files, leading to a heap-based buffer overflow.

CVE-2010-2807

  FreeType uses incorrect integer data types during bounds checking,
  which allows remote attackers to cause a denial of service
  (application crash) or possibly execute arbitrary code via a crafted
  font file.

CVE-2010-2808

  Buffer overflow in the Mac_Read_POST_Resource function in
  base/ftobjs.c in FreeType allows remote attackers to cause a denial
  of service (memory corruption and application crash) or possibly
  execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka
  LWFN) font.

CVE-2010-3053

  bdf/bdflib.c in FreeType allows remote attackers to cause a denial of
  service (application crash) via a crafted BDF font file, related to
  an attempted modification of a value in a static string.


For the stable distribution (lenny), these problems have been fixed in
version 2.3.7-2+lenny3

For the unstable distribution (sid) and the testing distribution
(squeeze), these problems have been fixed in version 2.4.2-1


We recommend that you upgrade your freetype package.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  https://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny3.diff.gz
    Size/MD5 checksum:    39230 95a3841e7258573ca2d3e0075b8e7f73
  https://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7.orig.tar.gz
    Size/MD5 checksum:  1567540 c1a9f44fde316470176fd6d66af3a0e8
  https://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny3.dsc
    Size/MD5 checksum:     1219 2a2bf3d4568d92e2a48ebcda38140e73

alpha architecture (DEC Alpha)

  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_alpha.deb
    Size/MD5 checksum:   775278 2f2ca060588fc33b6d7baae02201dbd2
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_alpha.deb
    Size/MD5 checksum:   412188 ad9537e93ed3fb61f9348470940f3ce5
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_alpha.udeb
    Size/MD5 checksum:   296592 e689b1c4b6bd7779e44d1cd641be9622
  https://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_alpha.deb
    Size/MD5 checksum:   253786 287a98ca57139d4dee8041eba2881e3b

amd64 architecture (AMD x86_64 (AMD64))

  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_amd64.deb
    Size/MD5 checksum:   713260 f1d4002e7b6d185ff9f46bc25d67c4c9
  https://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_amd64.deb
    Size/MD5 checksum:   223170 cb00f76d826be115243faa9dfd0b8a91
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_amd64.udeb
    Size/MD5 checksum:   269796 40762e686138c27ac92b20174e67012e
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_amd64.deb
    Size/MD5 checksum:   385848 0294d7e3e1d6b37532f98344a9849cde

arm architecture (ARM)

  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_arm.deb
    Size/MD5 checksum:   686154 fbe32c7124ba2ce093b31f46736e002b
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_arm.deb
    Size/MD5 checksum:   357158 0d793d543a33cfa192098234c925d639
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_arm.udeb
    Size/MD5 checksum:   242196 1cfc9f7dc6a7cd0843aa234bab35b69e
  https://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_arm.deb
    Size/MD5 checksum:   205120 39ab4dfbc19c8a63affc493e0b5aaf2d

armel architecture (ARM EABI)

  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_armel.deb
    Size/MD5 checksum:   684568 325686fbc2fba7687da424ada57b9419
  https://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_armel.deb
    Size/MD5 checksum:   209992 69f6a68fb90658ec74dfd7cc7cc0b766
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_armel.udeb
    Size/MD5 checksum:   236564 a48afca5c6798d16b140b3362dfac0ca
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_armel.deb
    Size/MD5 checksum:   353814 76960109910d6de2f74ec0e345f00854

i386 architecture (Intel ia32)

  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_i386.udeb
    Size/MD5 checksum:   254452 a34af74eda0feb2b763cfc6f5b8330c1
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_i386.deb
    Size/MD5 checksum:   371586 ec294ffffeb9ddec389e3e988d880534
  https://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_i386.deb
    Size/MD5 checksum:   198558 3283ad058d37eed8bca46df743c6a915
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_i386.deb
    Size/MD5 checksum:   684624 014d335b35ed41022adb628796a0c122

ia64 architecture (Intel ia64)

  https://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_ia64.deb
    Size/MD5 checksum:   332160 2dbb364f09414e4b0e0f59d9e91d1edc
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_ia64.deb
    Size/MD5 checksum:   876692 2f6d3421d6c8424523388347c5640666
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_ia64.deb
    Size/MD5 checksum:   531496 5dd7755f63271f597b64c3f513e8e7f1
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_ia64.udeb
    Size/MD5 checksum:   415934 ea2ba16157b3504d8b9c8f251b69b16f

mips architecture (MIPS (Big Endian))

  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_mips.deb
    Size/MD5 checksum:   717022 9ee8c246af10f4bf7cdf5cdc54010dd6
  https://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_mips.deb
    Size/MD5 checksum:   213212 3641ad81738e8935c5df2b648383c8e0
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_mips.deb
    Size/MD5 checksum:   369018 18559e273ffcea5614e71ab32b95ef47
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_mips.udeb
    Size/MD5 checksum:   253924 1be1e224f27a780beb6799d55fa74663

mipsel architecture (MIPS (Little Endian))

  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_mipsel.deb
    Size/MD5 checksum:   369772 6181d98166fe1f004fb033f2665ce4af
  https://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_mipsel.deb
    Size/MD5 checksum:   214802 6edbec67ff79e96921d1fe4bf57b0fce
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_mipsel.deb
    Size/MD5 checksum:   712502 4a99ccc68b1913f88901c5e0686fea4f
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_mipsel.udeb
    Size/MD5 checksum:   254212 e30825a94175fd78a561b8365392cbad

powerpc architecture (PowerPC)

  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_powerpc.udeb
    Size/MD5 checksum:   262804 d35ced8ba625f39dc7a04e3e61e0d49d
  https://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_powerpc.deb
    Size/MD5 checksum:   233882 6e294c19dd0109ee80fe6cd401b6a185
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_powerpc.deb
    Size/MD5 checksum:   378612 c96a180e7132c543396486b14107cdad
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_powerpc.deb
    Size/MD5 checksum:   708212 9602a7786b2ebffd1d75d443901574c5

s390 architecture (IBM S/390)

  https://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_s390.deb
    Size/MD5 checksum:   225190 393c9515f7cd89bcd8b0c38d6d6dd7ac
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_s390.deb
    Size/MD5 checksum:   384160 4e20bc56e5fc65fb08529d8765d28850
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_s390.deb
    Size/MD5 checksum:   698798 f589b6b8882d998bb7b89fa1dfa40b3a
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_s390.udeb
    Size/MD5 checksum:   268272 7b6511b9ad657aa165e906a4fcbfee11

sparc architecture (Sun SPARC/UltraSPARC)

  https://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_sparc.deb
    Size/MD5 checksum:   200078 29c1833cbde5b4da5c2e35aaf856ab58
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_sparc.udeb
    Size/MD5 checksum:   235424 e64a8fc3b744253b22161e31fbb6e92a
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_sparc.deb
    Size/MD5 checksum:   352544 a7f480889460b104bbab16fd8d8da2d5
  https://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_sparc.deb
    Size/MD5 checksum:   676520 6d0f57a5bd6457a9b9b85271c7001531


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb https://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
Package info: `apt-cache show ' and https://packages.debian.org/

LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
/main-polls/52-how-frequently-do-you-patch-update-your-system?task=poll.vote&format=json
52
radio
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"43","type":"x","order":"1","pct":81.13,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"5","type":"x","order":"2","pct":9.43,"resources":[]},{"id":"181","title":"Hardly ever","votes":"5","type":"x","order":"3","pct":9.43,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.

VOTE ON THE POLL PAGE


VIEW MORE POLLS

bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.