Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Scientific Linux: CVE-2012-5669 Critical: Freetype Font Processing Issue

Scientific Large Esm H446
Important: freetype security update
Date: Fri, 1 Feb 2013 09:47:47 -0600
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Organization: Fermilab
Subject: Security ERRATA Important: freetype on SL5.x, SL6.x i386/x86_64

Synopsis: Important: freetype security update
Issue Date: 2013-01-31
CVE Numbers: CVE-2012-5669
--

A flaw was found in the way the FreeType font rendering engine processed
certain Glyph Bitmap Distribution Format (BDF) fonts. If a user loaded a
specially-crafted font file with an application linked against FreeType, it
could cause the application to crash or, possibly, execute arbitrary
code with the privileges of the user running the application. (CVE-2012-5669)

The X server must be restarted (log out, then log back in) for this
update to take effect.
--

SL5
 x86_64
 freetype-2.2.1-32.el5_9.1.i386.rpm
 freetype-2.2.1-32.el5_9.1.x86_64.rpm
 freetype-debuginfo-2.2.1-32.el5_9.1.i386.rpm
 freetype-debuginfo-2.2.1-32.el5_9.1.x86_64.rpm
 freetype-demos-2.2.1-32.el5_9.1.x86_64.rpm
 freetype-devel-2.2.1-32.el5_9.1.i386.rpm
 freetype-devel-2.2.1-32.el5_9.1.x86_64.rpm
 i386
 freetype-2.2.1-32.el5_9.1.i386.rpm
 freetype-debuginfo-2.2.1-32.el5_9.1.i386.rpm
 freetype-demos-2.2.1-32.el5_9.1.i386.rpm
 freetype-devel-2.2.1-32.el5_9.1.i386.rpm
SL6
 x86_64
 freetype-2.3.11-14.el6_3.1.i686.rpm
 freetype-2.3.11-14.el6_3.1.x86_64.rpm
 freetype-debuginfo-2.3.11-14.el6_3.1.i686.rpm
 freetype-debuginfo-2.3.11-14.el6_3.1.x86_64.rpm
 freetype-demos-2.3.11-14.el6_3.1.x86_64.rpm
 freetype-devel-2.3.11-14.el6_3.1.i686.rpm
 freetype-devel-2.3.11-14.el6_3.1.x86_64.rpm
 i386
 freetype-2.3.11-14.el6_3.1.i686.rpm
 freetype-debuginfo-2.3.11-14.el6_3.1.i686.rpm
 freetype-demos-2.3.11-14.el6_3.1.i686.rpm
 freetype-devel-2.3.11-14.el6_3.1.i686.rpm

- Scientific Linux Development Team
Your message here