Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Slackware: 2020-294-01 Moderate: Freetype Heap Buffer Overflow

slackware
Calendar Grey October 20, 2020
Dist Slackware Esm H88
Fresh freetype updates released for Slackware to combat security flaws and resolve heap buffer overflow concerns.
New freetype packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues

Summary

Here are the details from the Slackware 14.2 ChangeLog: patches/packages/freetype-2.6.3-i586-3_slack14.2.txz: Rebuilt. Fix heap buffer overflow in embedded PNG bitmap handling. For more information, see: https://www.cve.org/CVERecord?id=CVE-2020-15999 (* Security fix *)

Topics%20covered

Topics Covered

security advisory security fix slackware freetype heap buffer overflow

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/freetype-2.5.5-i486-3_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/freetype-2.5.5-x86_64-3_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/freetype-2.5.5-i486-3_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/freetype-2.5.5-x86_64-3_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/freetype-2.6.3-i586-3_slack14.2.txz
Updated package for S...

Read the Full Advisory

MD5 Signatures

Slackware 14.0 package: bef4a8ff7ea2ea76731ff99c2356bb31 freetype-2.5.5-i486-3_slack14.0.txz
Slackware x86_64 14.0 package: 425bf27d171d2913c79d53e200b241b4 freetype-2.5.5-x86_64-3_slack14.0.txz
Slackware 14.1 package: 7079bd2e315a8ccc29102f92621df53c freetype-2.5.5-i486-3_slack14.1.txz
Slackware x86_64 14.1 package: bb9b36305cbd760b67c60bf6655cf9de freetype-2.5.5-x86_64-3_slack14.1.txz
Slackware 14.2 package: 222af2c02358c844eec303a41b1dd91d freetype-2.6.3-i586-3_slack14.2.txz
Slackware x86_64 14.2 package: a1ae0c1201ab2128f7a5d42ca248936a freetype-2.6.3-x86_64-3_slack14.2.txz
Slackware -current package: bd27581eed2b9068f4a7c72dbc70b98a l/freetype-2.10.4-i586-1.txz
Slackware x86_64 -current package: a66931bd6ea3213f8922c748716eef44 l/freetype-2.10.4-x86_64-1.txz

Severity
important
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory security fix slackware freetype heap buffer overflow

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg freetype-2.6.3-i586-3_slack14.2.txz

Your message here