Red Hat: 2015:0696-01: freetype: Important Advisory | LinuxSecurity...
=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: freetype security update
Advisory ID:       RHSA-2015:0696-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2015-0696.html
Issue date:        2015-03-17
CVE Names:         CVE-2014-9657 CVE-2014-9658 CVE-2014-9660 
                   CVE-2014-9661 CVE-2014-9663 CVE-2014-9664 
                   CVE-2014-9667 CVE-2014-9669 CVE-2014-9670 
                   CVE-2014-9671 CVE-2014-9673 CVE-2014-9674 
                   CVE-2014-9675 
=====================================================================

1. Summary:

Updated freetype packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 6 and 7.

Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

FreeType is a free, high-quality, portable font engine that can open and
manage font files. It also loads, hints, and renders individual glyphs
efficiently.

Multiple integer overflow flaws and an integer signedness flaw, leading to
heap-based buffer overflows, were found in the way FreeType handled Mac
fonts. If a specially crafted font file was loaded by an application linked
against FreeType, it could cause the application to crash or, potentially,
execute arbitrary code with the privileges of the user running the
application. (CVE-2014-9673, CVE-2014-9674)

Multiple flaws were found in the way FreeType handled fonts in various
formats. If a specially crafted font file was loaded by an application
linked against FreeType, it could cause the application to crash or,
possibly, disclose a portion of the application memory. (CVE-2014-9657,
CVE-2014-9658, CVE-2014-9660, CVE-2014-9661, CVE-2014-9663, CVE-2014-9664,
CVE-2014-9667, CVE-2014-9669, CVE-2014-9670, CVE-2014-9671, CVE-2014-9675)

All freetype users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The X server must be
restarted (log out, then log back in) for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1191079 - CVE-2014-9657 freetype: off-by-one buffer over-read in tt_face_load_hdmx()
1191080 - CVE-2014-9658 freetype: buffer over-read and integer underflow in tt_face_load_kern()
1191082 - CVE-2014-9660 freetype: missing ENDCHAR NULL pointer dereference in the _bdf_parse_glyphs()
1191083 - CVE-2014-9661 freetype: out of bounds read in Type42 font parser
1191085 - CVE-2014-9663 freetype: out-of-bounds read in tt_cmap4_validate()
1191086 - CVE-2014-9664 freetype: off-by-one buffer over-read in parse_charstrings() / t42_parse_charstrings()
1191090 - CVE-2014-9667 freetype: integer overflow in tt_face_load_font_dir() leading to out-of-bounds read
1191092 - CVE-2014-9669 freetype: multiple integer overflows leading to buffer over-reads in cmap handling
1191093 - CVE-2014-9670 freetype: integer overflow in pcf_get_encodings() leading to NULL pointer dereference
1191094 - CVE-2014-9671 freetype: integer overflow in pcf_get_properties() leading to NULL pointer dereference
1191096 - CVE-2014-9673 freetype: integer signedness error in Mac_Read_POST_Resource() leading to heap-based buffer overflow
1191190 - CVE-2014-9674 freetype: multiple integer overflows Mac_Read_POST_Resource() leading to heap-based buffer overflows
1191192 - CVE-2014-9675 freetype: information leak in _bdf_add_property()

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
freetype-2.3.11-15.el6_6.1.src.rpm

i386:
freetype-2.3.11-15.el6_6.1.i686.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm

x86_64:
freetype-2.3.11-15.el6_6.1.i686.rpm
freetype-2.3.11-15.el6_6.1.x86_64.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

i386:
freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm
freetype-demos-2.3.11-15.el6_6.1.i686.rpm
freetype-devel-2.3.11-15.el6_6.1.i686.rpm

x86_64:
freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm
freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm
freetype-devel-2.3.11-15.el6_6.1.i686.rpm
freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
freetype-2.3.11-15.el6_6.1.src.rpm

x86_64:
freetype-2.3.11-15.el6_6.1.i686.rpm
freetype-2.3.11-15.el6_6.1.x86_64.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

x86_64:
freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm
freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm
freetype-devel-2.3.11-15.el6_6.1.i686.rpm
freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
freetype-2.3.11-15.el6_6.1.src.rpm

i386:
freetype-2.3.11-15.el6_6.1.i686.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm
freetype-devel-2.3.11-15.el6_6.1.i686.rpm

ppc64:
freetype-2.3.11-15.el6_6.1.ppc.rpm
freetype-2.3.11-15.el6_6.1.ppc64.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.ppc.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.ppc64.rpm
freetype-devel-2.3.11-15.el6_6.1.ppc.rpm
freetype-devel-2.3.11-15.el6_6.1.ppc64.rpm

s390x:
freetype-2.3.11-15.el6_6.1.s390.rpm
freetype-2.3.11-15.el6_6.1.s390x.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.s390.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.s390x.rpm
freetype-devel-2.3.11-15.el6_6.1.s390.rpm
freetype-devel-2.3.11-15.el6_6.1.s390x.rpm

x86_64:
freetype-2.3.11-15.el6_6.1.i686.rpm
freetype-2.3.11-15.el6_6.1.x86_64.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm
freetype-devel-2.3.11-15.el6_6.1.i686.rpm
freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

i386:
freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm
freetype-demos-2.3.11-15.el6_6.1.i686.rpm

ppc64:
freetype-debuginfo-2.3.11-15.el6_6.1.ppc64.rpm
freetype-demos-2.3.11-15.el6_6.1.ppc64.rpm

s390x:
freetype-debuginfo-2.3.11-15.el6_6.1.s390x.rpm
freetype-demos-2.3.11-15.el6_6.1.s390x.rpm

x86_64:
freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm
freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
freetype-2.3.11-15.el6_6.1.src.rpm

i386:
freetype-2.3.11-15.el6_6.1.i686.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm
freetype-devel-2.3.11-15.el6_6.1.i686.rpm

x86_64:
freetype-2.3.11-15.el6_6.1.i686.rpm
freetype-2.3.11-15.el6_6.1.x86_64.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm
freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm
freetype-devel-2.3.11-15.el6_6.1.i686.rpm
freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

i386:
freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm
freetype-demos-2.3.11-15.el6_6.1.i686.rpm

x86_64:
freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm
freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm

Red Hat Enterprise Linux Client (v. 7):

Source:
freetype-2.4.11-10.el7_1.1.src.rpm

x86_64:
freetype-2.4.11-10.el7_1.1.i686.rpm
freetype-2.4.11-10.el7_1.1.x86_64.rpm
freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm
freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm
freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm
freetype-demos-2.4.11-10.el7_1.1.x86_64.rpm
freetype-devel-2.4.11-10.el7_1.1.i686.rpm
freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
freetype-2.4.11-10.el7_1.1.src.rpm

x86_64:
freetype-2.4.11-10.el7_1.1.i686.rpm
freetype-2.4.11-10.el7_1.1.x86_64.rpm
freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm
freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm
freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm
freetype-demos-2.4.11-10.el7_1.1.x86_64.rpm
freetype-devel-2.4.11-10.el7_1.1.i686.rpm
freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
freetype-2.4.11-10.el7_1.1.src.rpm

ppc64:
freetype-2.4.11-10.el7_1.1.ppc.rpm
freetype-2.4.11-10.el7_1.1.ppc64.rpm
freetype-debuginfo-2.4.11-10.el7_1.1.ppc.rpm
freetype-debuginfo-2.4.11-10.el7_1.1.ppc64.rpm
freetype-devel-2.4.11-10.el7_1.1.ppc.rpm
freetype-devel-2.4.11-10.el7_1.1.ppc64.rpm

s390x:
freetype-2.4.11-10.el7_1.1.s390.rpm
freetype-2.4.11-10.el7_1.1.s390x.rpm
freetype-debuginfo-2.4.11-10.el7_1.1.s390.rpm
freetype-debuginfo-2.4.11-10.el7_1.1.s390x.rpm
freetype-devel-2.4.11-10.el7_1.1.s390.rpm
freetype-devel-2.4.11-10.el7_1.1.s390x.rpm

x86_64:
freetype-2.4.11-10.el7_1.1.i686.rpm
freetype-2.4.11-10.el7_1.1.x86_64.rpm
freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm
freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm
freetype-devel-2.4.11-10.el7_1.1.i686.rpm
freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
freetype-2.4.11-10.ael7b_1.1.src.rpm

ppc64le:
freetype-2.4.11-10.ael7b_1.1.ppc64le.rpm
freetype-debuginfo-2.4.11-10.ael7b_1.1.ppc64le.rpm
freetype-devel-2.4.11-10.ael7b_1.1.ppc64le.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
freetype-debuginfo-2.4.11-10.el7_1.1.ppc64.rpm
freetype-demos-2.4.11-10.el7_1.1.ppc64.rpm

s390x:
freetype-debuginfo-2.4.11-10.el7_1.1.s390x.rpm
freetype-demos-2.4.11-10.el7_1.1.s390x.rpm

x86_64:
freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm
freetype-demos-2.4.11-10.el7_1.1.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64le:
freetype-debuginfo-2.4.11-10.ael7b_1.1.ppc64le.rpm
freetype-demos-2.4.11-10.ael7b_1.1.ppc64le.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
freetype-2.4.11-10.el7_1.1.src.rpm

x86_64:
freetype-2.4.11-10.el7_1.1.i686.rpm
freetype-2.4.11-10.el7_1.1.x86_64.rpm
freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm
freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm
freetype-devel-2.4.11-10.el7_1.1.i686.rpm
freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm
freetype-demos-2.4.11-10.el7_1.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2014-9657
https://access.redhat.com/security/cve/CVE-2014-9658
https://access.redhat.com/security/cve/CVE-2014-9660
https://access.redhat.com/security/cve/CVE-2014-9661
https://access.redhat.com/security/cve/CVE-2014-9663
https://access.redhat.com/security/cve/CVE-2014-9664
https://access.redhat.com/security/cve/CVE-2014-9667
https://access.redhat.com/security/cve/CVE-2014-9669
https://access.redhat.com/security/cve/CVE-2014-9670
https://access.redhat.com/security/cve/CVE-2014-9671
https://access.redhat.com/security/cve/CVE-2014-9673
https://access.redhat.com/security/cve/CVE-2014-9674
https://access.redhat.com/security/cve/CVE-2014-9675
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2015 Red Hat, Inc.

Red Hat: 2015:0696-01: freetype: Important Advisory

Updated freetype packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7

Summary

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently.
Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handled Mac fonts. If a specially crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2014-9673, CVE-2014-9674)
Multiple flaws were found in the way FreeType handled fonts in various formats. If a specially crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, possibly, disclose a portion of the application memory. (CVE-2014-9657, CVE-2014-9658, CVE-2014-9660, CVE-2014-9661, CVE-2014-9663, CVE-2014-9664, CVE-2014-9667, CVE-2014-9669, CVE-2014-9670, CVE-2014-9671, CVE-2014-9675)
All freetype users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The X server must be restarted (log out, then log back in) for this update to take effect.

Solution

Before applying this update, make sure all previously released erratarelevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258

References

https://access.redhat.com/security/cve/CVE-2014-9657 https://access.redhat.com/security/cve/CVE-2014-9658 https://access.redhat.com/security/cve/CVE-2014-9660 https://access.redhat.com/security/cve/CVE-2014-9661 https://access.redhat.com/security/cve/CVE-2014-9663 https://access.redhat.com/security/cve/CVE-2014-9664 https://access.redhat.com/security/cve/CVE-2014-9667 https://access.redhat.com/security/cve/CVE-2014-9669 https://access.redhat.com/security/cve/CVE-2014-9670 https://access.redhat.com/security/cve/CVE-2014-9671 https://access.redhat.com/security/cve/CVE-2014-9673 https://access.redhat.com/security/cve/CVE-2014-9674 https://access.redhat.com/security/cve/CVE-2014-9675 https://access.redhat.com/security/updates/classification/#important

Package List

Red Hat Enterprise Linux Desktop (v. 6):
Source: freetype-2.3.11-15.el6_6.1.src.rpm
i386: freetype-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm
x86_64: freetype-2.3.11-15.el6_6.1.i686.rpm freetype-2.3.11-15.el6_6.1.x86_64.rpm freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-demos-2.3.11-15.el6_6.1.i686.rpm freetype-devel-2.3.11-15.el6_6.1.i686.rpm
x86_64: freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm freetype-devel-2.3.11-15.el6_6.1.i686.rpm freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: freetype-2.3.11-15.el6_6.1.src.rpm
x86_64: freetype-2.3.11-15.el6_6.1.i686.rpm freetype-2.3.11-15.el6_6.1.x86_64.rpm freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm freetype-devel-2.3.11-15.el6_6.1.i686.rpm freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: freetype-2.3.11-15.el6_6.1.src.rpm
i386: freetype-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-devel-2.3.11-15.el6_6.1.i686.rpm
ppc64: freetype-2.3.11-15.el6_6.1.ppc.rpm freetype-2.3.11-15.el6_6.1.ppc64.rpm freetype-debuginfo-2.3.11-15.el6_6.1.ppc.rpm freetype-debuginfo-2.3.11-15.el6_6.1.ppc64.rpm freetype-devel-2.3.11-15.el6_6.1.ppc.rpm freetype-devel-2.3.11-15.el6_6.1.ppc64.rpm
s390x: freetype-2.3.11-15.el6_6.1.s390.rpm freetype-2.3.11-15.el6_6.1.s390x.rpm freetype-debuginfo-2.3.11-15.el6_6.1.s390.rpm freetype-debuginfo-2.3.11-15.el6_6.1.s390x.rpm freetype-devel-2.3.11-15.el6_6.1.s390.rpm freetype-devel-2.3.11-15.el6_6.1.s390x.rpm
x86_64: freetype-2.3.11-15.el6_6.1.i686.rpm freetype-2.3.11-15.el6_6.1.x86_64.rpm freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm freetype-devel-2.3.11-15.el6_6.1.i686.rpm freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-demos-2.3.11-15.el6_6.1.i686.rpm
ppc64: freetype-debuginfo-2.3.11-15.el6_6.1.ppc64.rpm freetype-demos-2.3.11-15.el6_6.1.ppc64.rpm
s390x: freetype-debuginfo-2.3.11-15.el6_6.1.s390x.rpm freetype-demos-2.3.11-15.el6_6.1.s390x.rpm
x86_64: freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: freetype-2.3.11-15.el6_6.1.src.rpm
i386: freetype-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-devel-2.3.11-15.el6_6.1.i686.rpm
x86_64: freetype-2.3.11-15.el6_6.1.i686.rpm freetype-2.3.11-15.el6_6.1.x86_64.rpm freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm freetype-devel-2.3.11-15.el6_6.1.i686.rpm freetype-devel-2.3.11-15.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: freetype-debuginfo-2.3.11-15.el6_6.1.i686.rpm freetype-demos-2.3.11-15.el6_6.1.i686.rpm
x86_64: freetype-debuginfo-2.3.11-15.el6_6.1.x86_64.rpm freetype-demos-2.3.11-15.el6_6.1.x86_64.rpm
Red Hat Enterprise Linux Client (v. 7):
Source: freetype-2.4.11-10.el7_1.1.src.rpm
x86_64: freetype-2.4.11-10.el7_1.1.i686.rpm freetype-2.4.11-10.el7_1.1.x86_64.rpm freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm freetype-demos-2.4.11-10.el7_1.1.x86_64.rpm freetype-devel-2.4.11-10.el7_1.1.i686.rpm freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: freetype-2.4.11-10.el7_1.1.src.rpm
x86_64: freetype-2.4.11-10.el7_1.1.i686.rpm freetype-2.4.11-10.el7_1.1.x86_64.rpm freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm freetype-demos-2.4.11-10.el7_1.1.x86_64.rpm freetype-devel-2.4.11-10.el7_1.1.i686.rpm freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: freetype-2.4.11-10.el7_1.1.src.rpm
ppc64: freetype-2.4.11-10.el7_1.1.ppc.rpm freetype-2.4.11-10.el7_1.1.ppc64.rpm freetype-debuginfo-2.4.11-10.el7_1.1.ppc.rpm freetype-debuginfo-2.4.11-10.el7_1.1.ppc64.rpm freetype-devel-2.4.11-10.el7_1.1.ppc.rpm freetype-devel-2.4.11-10.el7_1.1.ppc64.rpm
s390x: freetype-2.4.11-10.el7_1.1.s390.rpm freetype-2.4.11-10.el7_1.1.s390x.rpm freetype-debuginfo-2.4.11-10.el7_1.1.s390.rpm freetype-debuginfo-2.4.11-10.el7_1.1.s390x.rpm freetype-devel-2.4.11-10.el7_1.1.s390.rpm freetype-devel-2.4.11-10.el7_1.1.s390x.rpm
x86_64: freetype-2.4.11-10.el7_1.1.i686.rpm freetype-2.4.11-10.el7_1.1.x86_64.rpm freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm freetype-devel-2.4.11-10.el7_1.1.i686.rpm freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: freetype-2.4.11-10.ael7b_1.1.src.rpm
ppc64le: freetype-2.4.11-10.ael7b_1.1.ppc64le.rpm freetype-debuginfo-2.4.11-10.ael7b_1.1.ppc64le.rpm freetype-devel-2.4.11-10.ael7b_1.1.ppc64le.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: freetype-debuginfo-2.4.11-10.el7_1.1.ppc64.rpm freetype-demos-2.4.11-10.el7_1.1.ppc64.rpm
s390x: freetype-debuginfo-2.4.11-10.el7_1.1.s390x.rpm freetype-demos-2.4.11-10.el7_1.1.s390x.rpm
x86_64: freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm freetype-demos-2.4.11-10.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64le: freetype-debuginfo-2.4.11-10.ael7b_1.1.ppc64le.rpm freetype-demos-2.4.11-10.ael7b_1.1.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: freetype-2.4.11-10.el7_1.1.src.rpm
x86_64: freetype-2.4.11-10.el7_1.1.i686.rpm freetype-2.4.11-10.el7_1.1.x86_64.rpm freetype-debuginfo-2.4.11-10.el7_1.1.i686.rpm freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm freetype-devel-2.4.11-10.el7_1.1.i686.rpm freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: freetype-debuginfo-2.4.11-10.el7_1.1.x86_64.rpm freetype-demos-2.4.11-10.el7_1.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

Severity
Advisory ID: RHSA-2015:0696-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0696.html
Issued Date: : 2015-03-17
CVE Names: CVE-2014-9657 CVE-2014-9658 CVE-2014-9660 CVE-2014-9661 CVE-2014-9663 CVE-2014-9664 CVE-2014-9667 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675

Topic

Updated freetype packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 6 and 7.Red Hat Product Security has rated this update as having Important securityimpact. Common Vulnerability Scoring System (CVSS) base scores, which givedetailed severity ratings, are available for each vulnerability from theCVE links in the References section.

Relevant Releases Architectures

Red Hat Enterprise Linux Client (v. 7) - x86_64

Red Hat Enterprise Linux Client Optional (v. 7) - x86_64

Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64

Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64

Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64

Red Hat Enterprise Linux HPC Node (v. 6) - x86_64

Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64

Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64

Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64

Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64

Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64

Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

Red Hat Enterprise Linux Workstation (v. 7) - x86_64

Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

Bugs Fixed

1191079 - CVE-2014-9657 freetype: off-by-one buffer over-read in tt_face_load_hdmx()

1191080 - CVE-2014-9658 freetype: buffer over-read and integer underflow in tt_face_load_kern()

1191082 - CVE-2014-9660 freetype: missing ENDCHAR NULL pointer dereference in the _bdf_parse_glyphs()

1191083 - CVE-2014-9661 freetype: out of bounds read in Type42 font parser

1191085 - CVE-2014-9663 freetype: out-of-bounds read in tt_cmap4_validate()

1191086 - CVE-2014-9664 freetype: off-by-one buffer over-read in parse_charstrings() / t42_parse_charstrings()

1191090 - CVE-2014-9667 freetype: integer overflow in tt_face_load_font_dir() leading to out-of-bounds read

1191092 - CVE-2014-9669 freetype: multiple integer overflows leading to buffer over-reads in cmap handling

1191093 - CVE-2014-9670 freetype: integer overflow in pcf_get_encodings() leading to NULL pointer dereference

1191094 - CVE-2014-9671 freetype: integer overflow in pcf_get_properties() leading to NULL pointer dereference

1191096 - CVE-2014-9673 freetype: integer signedness error in Mac_Read_POST_Resource() leading to heap-based buffer overflow

1191190 - CVE-2014-9674 freetype: multiple integer overflows Mac_Read_POST_Resource() leading to heap-based buffer overflows

1191192 - CVE-2014-9675 freetype: information leak in _bdf_add_property()

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.