-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:236
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : freetype2
 Date    : November 16, 2010
 Affected: 2009.0, 2010.0, 2010.1, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities were discovered and corrected in freetype2:

 An error within the "Ins_SHZ()" function in src/truetype/ttinterp.c
 when handling the "SHZ" bytecode instruction can be exploited to cause
 a crash and potentially execute arbitrary code via a specially crafted
 font (CVE-2010-3814).

 An error exists in the "ft_var_readpackedpoints()" function in
 src/truetype/ttgxvar.c when processing TrueType GX fonts and can be
 exploited to cause a heap-based buffer overflow via a specially crafted
 font (CVE-2010-3855).

 Packages for 2009.0 are provided as of the Extended Maintenance
 Program. Please visit this link to learn more:
 http://store.mandriva.com/product_info.php?cPath=149&products_id=490

 The updated packages have been patched to correct these issues.
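The advisory names only the function and the bug class for CVE-2010-3855. The following is an added example, not FreeType's code and not the Mandriva patch: a decoder for the TrueType GX 'gvar' packed point-number encoding that ft_var_readpackedpoints() parses (a count byte, or a 16-bit count when bit 7 is set, followed by runs whose header byte holds the run length minus one in its low 7 bits and selects 16-bit deltas with 0x80), written once without and once with the bound that separates a heap overflow from a parse error. That this is the precise shape of the FreeType defect is an assumption about the bug class, not something the advisory states; the sample tables are constructed, and a zero count ("all points" in gvar) is outside the example and simply rejected.

```c
/* Added illustration of the bug class behind CVE-2010-3855; not FreeType's
 * ft_var_readpackedpoints() and not the Mandriva patch.  The packed-point
 * layout (count byte, 16-bit count if bit 7 set, runs with a 0x80 flag for
 * 16-bit deltas) follows the TrueType GX gvar format; the exact mechanism of
 * the FreeType bug is assumed, and all sample tables are constructed. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define POINTS_ARE_WORDS 0x80

/* Parse the point count.  Returns header bytes consumed, or 0 if truncated. */
static size_t read_point_count(const uint8_t *p, size_t len, size_t *count)
{
    if (len < 1) return 0;
    if (p[0] & 0x80) {
        if (len < 2) return 0;
        *count = ((size_t)(p[0] & 0x7F) << 8) | p[1];
        return 2;
    }
    *count = p[0];
    return 1;
}

/* Unchecked variant, the shape of the bug: points[] is sized from the count,
 * but the inner loop is bounded only by the run length the font supplies, so
 * a run longer than the points still owed writes past the heap allocation.
 * Kept for contrast only; never call it on untrusted input. */
uint16_t *decode_packed_points_unchecked(const uint8_t *p, size_t len, size_t *n_out)
{
    size_t n, pos, i = 0;
    uint16_t *points, cur = 0;
    pos = read_point_count(p, len, &n);
    if (pos == 0 || n == 0) return NULL;
    points = malloc(n * sizeof *points);
    if (!points) return NULL;
    while (i < n) {
        uint8_t ctl = p[pos++];
        size_t runcnt = (ctl & 0x7F) + 1;
        int words = ctl & POINTS_ARE_WORDS;
        for (size_t j = 0; j < runcnt; j++) {   /* no check that runcnt <= n - i */
            uint16_t delta = words ? (uint16_t)((p[pos] << 8) | p[pos + 1]) : p[pos];
            pos += words ? 2 : 1;
            cur = (uint16_t)(cur + delta);      /* deltas accumulate into point numbers */
            points[i++] = cur;
        }
    }
    *n_out = n;
    return points;
}

/* Hardened decoder: every write is bounded by n (the allocation size) and
 * every read by len.  Returns n point numbers, or NULL for a malformed table. */
uint16_t *decode_packed_points_safe(const uint8_t *p, size_t len, size_t *n_out)
{
    size_t n, pos, i = 0;
    uint16_t *points, cur = 0;
    pos = read_point_count(p, len, &n);
    if (pos == 0 || n == 0) return NULL;
    points = malloc(n * sizeof *points);
    if (!points) return NULL;
    while (i < n) {
        if (pos >= len) goto fail;                             /* truncated run header */
        uint8_t ctl = p[pos++];
        size_t runcnt = (ctl & 0x7F) + 1;
        int words = ctl & POINTS_ARE_WORDS;
        if (runcnt > n - i) goto fail;                         /* run would overflow points[] */
        if ((words ? 2u : 1u) * runcnt > len - pos) goto fail; /* run longer than the table */
        for (size_t j = 0; j < runcnt; j++) {
            uint16_t delta = words ? (uint16_t)((p[pos] << 8) | p[pos + 1]) : p[pos];
            pos += words ? 2 : 1;
            cur = (uint16_t)(cur + delta);
            points[i++] = cur;
        }
    }
    *n_out = n;
    return points;
fail:
    free(points);
    return NULL;
}

/* Constructed sample tables (not from any real font). */
const uint8_t  GOOD_TABLE[]   = {0x03, 0x02, 0x01, 0x02, 0x03};             /* 3 points, byte deltas 1,2,3 */
const uint16_t GOOD_POINTS[]  = {1, 3, 6};
const uint8_t  WORD_TABLE[]   = {0x02, 0x81, 0x01, 0x00, 0x00, 0x10};       /* 2 points, 16-bit deltas */
const uint16_t WORD_POINTS[]  = {256, 272};
const uint8_t  OVERLONG_RUN[] = {0x02, 0x04, 0x01, 0x01, 0x01, 0x01, 0x01}; /* claims 2 points, run of 5 */
const uint8_t  TRUNCATED[]    = {0x03, 0x02, 0x01};                         /* run of 3, one byte left */

/* 1 if the safe decoder yields exactly the expected points. */
int decodes_to(const uint8_t *tbl, size_t len, const uint16_t *expect, size_t expect_n)
{
    size_t n = 0;
    uint16_t *pts = decode_packed_points_safe(tbl, len, &n);
    int ok = pts && n == expect_n && memcmp(pts, expect, n * sizeof *pts) == 0;
    free(pts);
    return ok;
}

/* 1 if the safe decoder rejects the table. */
int rejects(const uint8_t *tbl, size_t len)
{
    size_t n = 0;
    uint16_t *pts = decode_packed_points_safe(tbl, len, &n);
    int r = (pts == NULL);
    free(pts);
    return r;
}

int main(void)
{
    printf("good:      %s\n", decodes_to(GOOD_TABLE, sizeof GOOD_TABLE, GOOD_POINTS, 3) ? "ok" : "FAIL");
    printf("words:     %s\n", decodes_to(WORD_TABLE, sizeof WORD_TABLE, WORD_POINTS, 2) ? "ok" : "FAIL");
    printf("overlong:  %s\n", rejects(OVERLONG_RUN, sizeof OVERLONG_RUN) ? "rejected" : "ACCEPTED");
    printf("truncated: %s\n", rejects(TRUNCATED, sizeof TRUNCATED) ? "rejected" : "ACCEPTED");
    return 0;
}
```

The safe decoder refuses a run that would carry the write index past the count that sized the buffer, and a run longer than the bytes left in the table; with OVERLONG_RUN the unchecked variant would write five entries into a two-entry heap block, which is exactly the condition a crafted font controls.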
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3814
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3855
 http://secunia.com/advisories/41738
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 0f513dab45a0f16a10ccb262c591a29b  2009.0/i586/libfreetype6-2.3.7-1.6mdv2009.0.i586.rpm
 3e68fe984797044db4662aaea7043e5d  2009.0/i586/libfreetype6-devel-2.3.7-1.6mdv2009.0.i586.rpm
 eddda257a00f7c7ad8546d2a366a4cf6  2009.0/i586/libfreetype6-static-devel-2.3.7-1.6mdv2009.0.i586.rpm
 d3d00802f5a9f8d55ff93d4a52dd688c  2009.0/SRPMS/freetype2-2.3.7-1.6mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 13c5119d8dfc4083d04721db113c63ea  2009.0/x86_64/lib64freetype6-2.3.7-1.6mdv2009.0.x86_64.rpm
 4f7ae5925648e4075f86ff92b585f79b  2009.0/x86_64/lib64freetype6-devel-2.3.7-1.6mdv2009.0.x86_64.rpm
 9fb5c35fcf406d9c67cf33761afba2c6  2009.0/x86_64/lib64freetype6-static-devel-2.3.7-1.6mdv2009.0.x86_64.rpm
 d3d00802f5a9f8d55ff93d4a52dd688c  2009.0/SRPMS/freetype2-2.3.7-1.6mdv2009.0.src.rpm

 Mandriva Linux 2010.0:
 e58fd78a9c1a360d9835c1fa7523348a  2010.0/i586/libfreetype6-2.3.11-1.5mdv2010.0.i586.rpm
 90d269a594a134659ee5484a624ceec9  2010.0/i586/libfreetype6-devel-2.3.11-1.5mdv2010.0.i586.rpm
 464fdcfbaa4692ff68ef046387ca812e  2010.0/i586/libfreetype6-static-devel-2.3.11-1.5mdv2010.0.i586.rpm
 2437d79143005ecefd9a2dc68eead49e  2010.0/SRPMS/freetype2-2.3.11-1.5mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 990e0f8f9c48ecc8742627e332d10b1d  2010.0/x86_64/lib64freetype6-2.3.11-1.5mdv2010.0.x86_64.rpm
 de925c563f99b740e92da35731391ef5  2010.0/x86_64/lib64freetype6-devel-2.3.11-1.5mdv2010.0.x86_64.rpm
 e0366af7b4cff9c34401327a75995cf1  2010.0/x86_64/lib64freetype6-static-devel-2.3.11-1.5mdv2010.0.x86_64.rpm
 2437d79143005ecefd9a2dc68eead49e  2010.0/SRPMS/freetype2-2.3.11-1.5mdv2010.0.src.rpm

 Mandriva Linux 2010.1:
 01f6fbfe44fc14e3d722cfcb71c586df  2010.1/i586/libfreetype6-2.3.12-1.5mdv2010.1.i586.rpm
 d31b39ca425c3e0d8451846f72a7c689  2010.1/i586/libfreetype6-devel-2.3.12-1.5mdv2010.1.i586.rpm
 f23ba4780eb8a76db9bc150ef483908f  2010.1/i586/libfreetype6-static-devel-2.3.12-1.5mdv2010.1.i586.rpm
 25686c4566e01ee72bdd430c1f1f8cf4  2010.1/SRPMS/freetype2-2.3.12-1.5mdv2010.1.src.rpm

 Mandriva Linux 2010.1/X86_64:
 718089405b4c06c26ca35b943003f20f  2010.1/x86_64/lib64freetype6-2.3.12-1.5mdv2010.1.x86_64.rpm
 c5c9aa34d66e26f966038102a784e0ef  2010.1/x86_64/lib64freetype6-devel-2.3.12-1.5mdv2010.1.x86_64.rpm
 ce2da681b1b8b741c4c095fde5a86588  2010.1/x86_64/lib64freetype6-static-devel-2.3.12-1.5mdv2010.1.x86_64.rpm
 25686c4566e01ee72bdd430c1f1f8cf4  2010.1/SRPMS/freetype2-2.3.12-1.5mdv2010.1.src.rpm

 Mandriva Enterprise Server 5:
 25b4a3057e313046cc9d2e26f5ba362b  mes5/i586/libfreetype6-2.3.7-1.6mdvmes5.1.i586.rpm
 5efa3b889126e463458ced59bbf8af5c  mes5/i586/libfreetype6-devel-2.3.7-1.6mdvmes5.1.i586.rpm
 f00793f1397da865668b4d1492256c26  mes5/i586/libfreetype6-static-devel-2.3.7-1.6mdvmes5.1.i586.rpm
 98f415cf6b6882d33c5ba10cc0187ad7  mes5/SRPMS/freetype2-2.3.7-1.6mdvmes5.1.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 d0d498a0b58b69bbd08f589c63bbd6ab  mes5/x86_64/lib64freetype6-2.3.7-1.6mdvmes5.1.x86_64.rpm
 7818f1757da1c3c9aab94d0d8ff6d96a  mes5/x86_64/lib64freetype6-devel-2.3.7-1.6mdvmes5.1.x86_64.rpm
 bfd7ba00ded60ba19982eeea50300d73  mes5/x86_64/lib64freetype6-static-devel-2.3.7-1.6mdvmes5.1.x86_64.rpm
 98f415cf6b6882d33c5ba10cc0187ad7  mes5/SRPMS/freetype2-2.3.7-1.6mdvmes5.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi. The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.
 You can obtain the GPG public key of the Mandriva Security Team by
 executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

 http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

 security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFM4kfGmqjQ0CJFipgRApurAJoDuQb9vZP5S30jMNfuhtkrTmh9LwCgsBnG
HLE1mP7DpvGt1xv6/0j3guA=
=CQ3P
-----END PGP SIGNATURE-----