==========================================================Ubuntu Security Notice USN-972-1            August 17, 2010
freetype vulnerabilities
CVE-2010-1797, CVE-2010-2541, CVE-2010-2805, CVE-2010-2806,
CVE-2010-2807, CVE-2010-2808
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 9.04
Ubuntu 9.10
Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libfreetype6                    2.1.10-1ubuntu2.8

Ubuntu 8.04 LTS:
  libfreetype6                    2.3.5-1ubuntu4.8.04.4

Ubuntu 9.04:
  libfreetype6                    2.3.9-4ubuntu0.3

Ubuntu 9.10:
  libfreetype6                    2.3.9-5ubuntu0.2

Ubuntu 10.04 LTS:
  libfreetype6                    2.3.11-1ubuntu2.2

After a standard system update you need to restart your session to make
all the necessary changes.

Details follow:

It was discovered that FreeType did not correctly handle certain malformed
font files. If a user were tricked into using a specially crafted font
file, a remote attacker could cause FreeType to crash or possibly execute
arbitrary code with user privileges.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

          Size/MD5:    70961 d986f14b69d50fe1884e8dd5f9386731
          Size/MD5:      719 a91985ecc92b75aa3f3647506bad4039
          Size/MD5:  1323617 adf145ce51196ad1b3054d5fb032efe6

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   717794 f332d5b1974aa53f200e4e6ecf9df088
          Size/MD5:   440974 afa83868cc67cec692f72a9dc93635ff
          Size/MD5:   133902 dca56851436275285b4563c96388a070
          Size/MD5:   251958 358627e207009dbe0c5be095e7bed18d

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   677592 ee43f5e97f31b8da57582dbdb1e63033
          Size/MD5:   416328 ef092c08ba2c167af0da25ab743ea663
          Size/MD5:   117302 b2633ed4487657fe349fd3de76fce405
          Size/MD5:   227436 f55ab8a9bb7e76ad743f6c0fa2974e64

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   708654 ee71c714e62e96a9af4cf7ba909142e6
          Size/MD5:   431036 4f1c6a1e28d3a14b593bef37605119ab
          Size/MD5:   134260 66ba7d95f551eaadb1bba5a56d76529d
          Size/MD5:   241726 d2c4f13b12c8280b1fad56cdc0965502

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   683964 49df9101deb9a317229351d72b5804ec
          Size/MD5:   411982 efaca20d5deec9e51be023710902852b
          Size/MD5:   120138 ff723720ed499e40049e3487844b9db3
          Size/MD5:   222676 71f172ba71fc507b04e5337d55b32ed6

Updated packages for Ubuntu 8.04 LTS:

  Source archives:

          Size/MD5:    40949 1cc5014da4db8200edb54df32561fcd0
          Size/MD5:      907 7f698125814f4ca67a01b0a66d9bcfe9
          Size/MD5:  1536077 4a5bdbe1ab92f3fe4c4816f9934a5ec2

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   694322 c740e1665d09a0c691163a543c8d650b
          Size/MD5:   362386 5b085e83764fcda129bede2c5c4ca179
          Size/MD5:   221392 dbebbbaffc086dccf550468fff1daa92
          Size/MD5:   258454 f3903d4e43891753f3c6439cd862617f

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   663330 7601af27049730f0f7afcfa30244ae88
          Size/MD5:   347172 de53a441e28e385598d20333ff636026
          Size/MD5:   201266 c9c50bdc87d0a46fc43f3bbca26adec5
          Size/MD5:   243462 16bb61f604fe48a301f6faeaa094d266

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   665120 bf0dcd13b8a171f6a740ca225d943e68
          Size/MD5:   347512 d2beee3ccf7fe0233825d46cc61ca62d
          Size/MD5:   205560 7879f630a5356e3d6e9c0609e8008de9
          Size/MD5:   244324 4e10fb5e68a78312eb02c69508120c6a

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   687156 6d36300396fa84d6f889147b0247f385
          Size/MD5:   358086 06b9874cc9ba11fdb6feb10b0831e890
          Size/MD5:   235578 ce514bab4cbc028a0451742c38c633cd
          Size/MD5:   254526 d50f40a9421b52f4302c4d260170edb3

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   658094 184f0f51023baa8ce459fababaa190d9
          Size/MD5:   332124 5aa036de5269896c893ea8f825329b84
          Size/MD5:   199782 9323f9209333cf42114e97d3305d901c
          Size/MD5:   227810 7657e99ad137ad5ce654b74cfbbfdc10

Updated packages for Ubuntu 9.04:

  Source archives:

          Size/MD5:    44032 17b27322a6448d40599c55561209c940
          Size/MD5:     1311 5124a4df7016a625a631c1ff4661aae9
          Size/MD5:  1624314 7b2ab681f1a436876ed888041204e478

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   729408 788a2af765a8356c4a7c01e893695b0b
          Size/MD5:   272950 a1f9a0ad0d036e5a14b073c139ce5408
          Size/MD5:   407052 bfd510dc0c46a0f25dd3329693ee66a8
          Size/MD5:   226474 9b8e6c521d8629b9b1db2760209460a3

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   697818 9176ee8649b8441333d7c5d9359c53a6
          Size/MD5:   257896 c26f46491d69a174fa9cad126a3201cf
          Size/MD5:   392692 648d0605a187b74291b3233e5e4930e3
          Size/MD5:   198834 0b41da08de5417a7db21e24e730e03d9

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   698682 12c20dd647db986bd87a250d8706e8e8
          Size/MD5:   257736 dee60e4b8a1824d2aa13364ec0f01602
          Size/MD5:   392978 e19bcc3c8c0cec76227c64843b01516a
          Size/MD5:   201636 a558e986b6c6e878e115126e7d3a28a5

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   720040 70c8792cddd9cfe45480f8d760dd0163
          Size/MD5:   265790 b356a500845d045f431db6ef4db4f811
          Size/MD5:   400532 91aa4eea6b8e9b67a721b552caab8468
          Size/MD5:   227834 fa22e303b8d06dfb99a8c3c1f2980061

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   689244 dff22369b1bb07d4ef7c6d9f474149db
          Size/MD5:   238164 cb1e597bd0065d2ffbad763a52088c1d
          Size/MD5:   372422 c6f36ae3119f8f17368d796943ba9908
          Size/MD5:   201390 c3f108859375787b11190d3c5a1d966b

Updated packages for Ubuntu 9.10:

  Source archives:

          Size/MD5:    43530 f78681f1641b93f34d41ff4d6f31eb71
          Size/MD5:     1311 8a9a302e0a62f2dbe2a62aba456e2108
          Size/MD5:  1624314 7b2ab681f1a436876ed888041204e478

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   731028 3b5ed0ad073cca0c1eee212b0e12f255
          Size/MD5:   275110 a23822489a0d7d45152f341b86f0df20
          Size/MD5:   409362 ba180d650e17df6980ca09b8d1a109e1
          Size/MD5:   230774 a0a51691eefc0fb6e94d41c3282c3ab2

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   696892 ad2164ed812ccd9cf7829659cff219c7
          Size/MD5:   258710 c2d256e87eaee83ab83592247588bee7
          Size/MD5:   393912 c8d04b785d17066229bab50a3c13e1af
          Size/MD5:   195702 02aa03f1f62a61383d829b5bf494b7b0

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:   699382 ff8200917b43322062d2f3b5f3f6bab8
          Size/MD5:   259348 0395bdbaf357d161d0f1d3b257ae4732
          Size/MD5:   394122 8481f2e278a5da28b28ef0fa79207662
          Size/MD5:   198546 a3f0a848da83a64d14344b6744b33a90

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   719762 bd7185c852b151794c27f8c2ead4da94
          Size/MD5:   264578 58a77cbf2ae4c2a447a81cce72f6b8c5
          Size/MD5:   399118 c943fa66513b862ccb6ac99699c9e33c
          Size/MD5:   203834 842dd94d9b3fad52c0b1b6489775d2ea

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   691054 557de31093ac67c2dedec97e55998295
          Size/MD5:   240534 f3c79ed9e84e7169851de3f432b613c3
          Size/MD5:   374982 e84af1b516f050ee9bdb93c213994943
          Size/MD5:   195786 599978c8d9cff2525eba228c793833c3

Updated packages for Ubuntu 10.04:

  Source archives:

          Size/MD5:    41646 9b97425327300eda74c492034fed50ad
          Size/MD5:     1313 b7b625334a0d9c926bf34cc83dcc904c
          Size/MD5:  1709600 5aa22c0bc6aa3815b40a309ead2b9d1b

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:   739530 db9147ce9477b7ab22374f89d24b24ca
          Size/MD5:   277536 35fc46f3c281aee82eeed4e00cfdacdc
          Size/MD5:   434932 1bf8e620c3008504b87354470e7be9a5
          Size/MD5:   221434 4b4fcbd633bf1b3c2151617adae44835

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:   704694 f58601afde2b4bc257492762654cbf94
          Size/MD5:   260916 a540a7f9ae973bce66bbd3fdb9a4f849
          Size/MD5:   419000 d4a78ce7ae146caa59b61f43b27d363c
          Size/MD5:   188710 e94b4202fcfe184fdf81409fe610a42a

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:   728090 5f2e98a54cb2a0ac03591c387aacf461
          Size/MD5:   266750 66bf2b146ab219d1b78e1887d0053f2a
          Size/MD5:   424614 fd964644b45bbbc79729c9609c4b6bb8
          Size/MD5:   196686 b88a8cebff19c95b6c9c161f7d1bb472

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:   707164 bf26d7cb1aa3f759ca31510f92888053
          Size/MD5:   250768 100b4d4b270421fb1dcb503c88b547e8
          Size/MD5:   408132 b009cd0f1aafa500f8cc16273e9f2ed9
          Size/MD5:   198302 504ec3da9ee2048391e2c4035d7149fc

Ubuntu 972-1: FreeType vulnerabilities

August 17, 2010
It was discovered that FreeType did not correctly handle certain malformed font files

Summary

Update Instructions

References

Severity
freetype vulnerabilities

Package Information

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved