-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  freetype (SSA:2015-016-01)

New freetype packages are available for Slackware 13.0, 13.1, 13.37, 14.0,
14.1, and -current to fix a security issue.


Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/freetype-2.5.5-i486-1_slack14.1.txz:  Upgraded.
  This release fixes a security bug that could cause freetype to crash
  or run programs upon opening a specially crafted file.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2240
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org/) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.

Updated package for Slackware 13.0:

Updated package for Slackware x86_64 13.0:

Updated package for Slackware 13.1:

Updated package for Slackware x86_64 13.1:

Updated package for Slackware 13.37:

Updated package for Slackware x86_64 13.37:

Updated package for Slackware 14.0:

Updated package for Slackware x86_64 14.0:

Updated package for Slackware 14.1:

Updated package for Slackware x86_64 14.1:

Updated package for Slackware -current:

Updated package for Slackware x86_64 -current:


MD5 signatures:
+-------------+

Slackware 13.0 package:
5603c6a53d1fbee8e8f01879f1fcbbb2  freetype-2.5.5-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
fcb14986e9f52b44a07c16533e668a5c  freetype-2.5.5-x86_64-1_slack13.0.txz

Slackware 13.1 package:
c0f054d3ad06c6f5802e0d1cd4f02d6c  freetype-2.5.5-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
bf19003d860e2f474722a3da0c0978d8  freetype-2.5.5-x86_64-1_slack13.1.txz

Slackware 13.37 package:
35e11b41d3001dc788f8d7ed29912fec  freetype-2.5.5-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
f516408bf21bae72bd81a06624589ac5  freetype-2.5.5-x86_64-1_slack13.37.txz

Slackware 14.0 package:
a2c4fa29040f789e6e0ba3d0a91587ae  freetype-2.5.5-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
accf23f2ccbe1d312ea718fc6545e984  freetype-2.5.5-x86_64-1_slack14.0.txz

Slackware 14.1 package:
e3288d46df60ab3e357578edcf662f7e  freetype-2.5.5-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
f48f40e74dfa41312694823a6ad01676  freetype-2.5.5-x86_64-1_slack14.1.txz

Slackware -current package:
c62847fd2ed8df065fb171efd7a05389  l/freetype-2.5.5-i486-1.txz

Slackware x86_64 -current package:
fb2f05f049de82f4133e9c7f19efa10e  l/freetype-2.5.5-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg freetype-2.5.5-i486-1_slack14.1.txz


+-----+

Slackware: 2015-016-01: freetype Security Update

January 17, 2015
New freetype packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue

Summary

Here are the details from the Slackware 14.1 ChangeLog: patches/packages/freetype-2.5.5-i486-1_slack14.1.txz: Upgraded. This release fixes a security bug that could cause freetype to crash or run programs upon opening a specially crafted file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2240 (* Security fix *)

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 13.0:
Updated package for Slackware x86_64 13.0:
Updated package for Slackware 13.1:
Updated package for Slackware x86_64 13.1:
Updated package for Slackware 13.37:
Updated package for Slackware x86_64 13.37:
Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 13.0 package: 5603c6a53d1fbee8e8f01879f1fcbbb2 freetype-2.5.5-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: fcb14986e9f52b44a07c16533e668a5c freetype-2.5.5-x86_64-1_slack13.0.txz
Slackware 13.1 package: c0f054d3ad06c6f5802e0d1cd4f02d6c freetype-2.5.5-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: bf19003d860e2f474722a3da0c0978d8 freetype-2.5.5-x86_64-1_slack13.1.txz
Slackware 13.37 package: 35e11b41d3001dc788f8d7ed29912fec freetype-2.5.5-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: f516408bf21bae72bd81a06624589ac5 freetype-2.5.5-x86_64-1_slack13.37.txz
Slackware 14.0 package: a2c4fa29040f789e6e0ba3d0a91587ae freetype-2.5.5-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: accf23f2ccbe1d312ea718fc6545e984 freetype-2.5.5-x86_64-1_slack14.0.txz
Slackware 14.1 package: e3288d46df60ab3e357578edcf662f7e freetype-2.5.5-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: f48f40e74dfa41312694823a6ad01676 freetype-2.5.5-x86_64-1_slack14.1.txz
Slackware -current package: c62847fd2ed8df065fb171efd7a05389 l/freetype-2.5.5-i486-1.txz
Slackware x86_64 -current package: fb2f05f049de82f4133e9c7f19efa10e l/freetype-2.5.5-x86_64-1.txz

Severity
[slackware-security] freetype (SSA:2015-016-01)
New freetype packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg freetype-2.5.5-i486-1_slack14.1.txz

Related News

Fighting Back Against Hadooken Malware by Strengthening WebLogic Security
2 - 4 min read
Cybercriminals have been relentlessly attacking the digital landscape, aiming to exploit vulnerabilities in well-known systems. One such exploit is
CISA Sounds Alarm on Newly Exploited Vulnerabilities: Is Your System at Risk?
3 - 5 min read
CISA regularly publishes updates regarding vulnerabilities that present severe threats to global cybersecurity. Recently, CISA added three
Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power
8 Expert-Recommended Security Practices to Fortify Your Linux Systems
4 - 8 min read
As a Linux admin or an infosec professional, you understand how the security landscape changes due to evolving threats, newly discovered

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved