[El-errata] ELSA-2010-0578 Important: Enterprise Linux 5 freetype security update
Errata Announcements for Enterprise Linux
el-errata at oss.oracle.com
Fri Jul 30 16:20:53 PDT 2010
Enterprise Linux Security Advisory ELSA-2010-0578
https://rhn.redhat.com/errata/RHSA-2010-0578.html
The following updated rpms for Enterprise Linux 5 have been uploaded to
the Unbreakable Linux Network:
i386:
freetype-2.2.1-25.el5_5.i386.rpm
freetype-demos-2.2.1-25.el5_5.i386.rpm
freetype-devel-2.2.1-25.el5_5.i386.rpm
x86_64:
freetype-2.2.1-25.el5_5.i386.rpm
freetype-2.2.1-25.el5_5.x86_64.rpm
freetype-demos-2.2.1-25.el5_5.x86_64.rpm
freetype-devel-2.2.1-25.el5_5.i386.rpm
freetype-devel-2.2.1-25.el5_5.x86_64.rpm
ia64:
freetype-2.2.1-25.el5_5.i386.rpm
freetype-2.2.1-25.el5_5.ia64.rpm
freetype-demos-2.2.1-25.el5_5.ia64.rpm
freetype-devel-2.2.1-25.el5_5.ia64.rpm
SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/freetype-2.2.1-25.el5_5.src.rpm
Description of changes:
[2.2.1-25]
- Add freetype-2.2.1-axis-name-overflow.patch
(Avoid overflow when dealing with names of axes)
- Resolves: #614012
[2.2.1-24]
- Modify freetype-2.2.1-CVE-2010-2519.patch (additional fix)
(If the type of the POST fragment is 0, the segment is completely
ignored)
- Resolves: #614012
[2.2.1-23]
- Add freetype-2.2.1-CVE-2010-2527.patch
(Use precision for `%s' where appropriate to avoid buffer overflows)
- Resolves: #614012
[2.2.1-22]
- Add freetype-2.2.1-CVE-2010-2498.patch
(Assure that `end_point' is not larger than `glyph->num_points')
- Add freetype-2.2.1-CVE-2010-2499.patch
(Check the buffer size during gathering PFB fragments)
- Add freetype-2.2.1-CVE-2010-2500.patch
(Use smaller threshold values for `width' and `height')
- Add freetype-2.2.1-CVE-2010-2519.patch
(Check `rlen' the length of fragment declared in the POST fragment
header)
- Resolves: #614012
More information about the El-errata
mailing list