[El-errata] ELSA-2007-0150 Moderate: Enterprise Linux 4 freetype security update

el-errata at oss.oracle.com el-errata at oss.oracle.com
Mon Apr 16 17:52:43 PDT 2007


Enterprise Linux Security Advisory ELSA-2007-0150

https://rhn.redhat.com/errata/RHSA-2007-0150.html

The following updated rpms for Enterprise Linux 4 have been uploaded to the Unbreakable Linux Network:

i386::
freetype-2.1.9-5.el4.i386.rpm
freetype-demos-2.1.9-5.el4.i386.rpm
freetype-devel-2.1.9-5.el4.i386.rpm
freetype-utils-2.1.9-5.el4.i386.rpm

x86_64:
freetype-2.1.9-5.el4.i386.rpm
freetype-2.1.9-5.el4.x86_64.rpm
freetype-demos-2.1.9-5.el4.x86_64.rpm
freetype-devel-2.1.9-5.el4.x86_64.rpm
freetype-utils-2.1.9-5.el4.x86_64.rpm

SRPMS:

http://oss.oracle.com/el4/SRPMS-updates/freetype-2.1.9-5.el4.src.rpm

Description of changes:

[2.1.9-5]
- Add freetype-2.2.1-bdf-overflow.patch
- Resolves: #234228

[2.1.9-4.el4]
- assume any allocation over 32bits is an overflow, even
  on 64-bit platforms
- remove memory debugging disabling patch

[2.1.9-3.rhel4]
- add null check to prevent crasher on one of the test files

[2.1.9-3]
- add patch from Behdad Esfahbod <besfahbo at redhat.com> to
  correct freetype crasher issues (bugs 200033, 199397, 200179,
  200377)

[2.1.9-2.rhel4.4]
- Fix error handling in utility functions used by pango

[2.1.9-1.rhel4.4]
- Yet more fixes for CVE-2006-1861.

[2.1.9-1.rhel4.3]
- Fixed another uninitialized pointer, this one in FT_Realloc().

[2.1.9-1.rhel4.2]
- Fixed an uninitialized pointer in FT_QRealloc().

[2.1.9-1.rhel4.1]
- Fixes for CVE-2006-1861 and CVE-2006-0747









More information about the El-errata mailing list