[El-errata] ELSA-2010-0578 Important: Enterprise Linux 4 freetype security update
Errata Announcements for Enterprise Linux
el-errata at oss.oracle.com
Fri Jul 30 16:21:07 PDT 2010
Enterprise Linux Security Advisory ELSA-2010-0578
https://rhn.redhat.com/errata/RHSA-2010-0578.html
The following updated rpms for Enterprise Linux 4 have been uploaded to
the Unbreakable Linux Network:
i386:
freetype-2.1.9-14.el4.8.i386.rpm
freetype-demos-2.1.9-14.el4.8.i386.rpm
freetype-devel-2.1.9-14.el4.8.i386.rpm
freetype-utils-2.1.9-14.el4.8.i386.rpm
x86_64:
freetype-2.1.9-14.el4.8.i386.rpm
freetype-2.1.9-14.el4.8.x86_64.rpm
freetype-demos-2.1.9-14.el4.8.x86_64.rpm
freetype-devel-2.1.9-14.el4.8.x86_64.rpm
freetype-utils-2.1.9-14.el4.8.x86_64.rpm
ia64:
freetype-2.1.9-14.el4.8.i386.rpm
freetype-2.1.9-14.el4.8.ia64.rpm
freetype-demos-2.1.9-14.el4.8.ia64.rpm
freetype-devel-2.1.9-14.el4.8.ia64.rpm
freetype-utils-2.1.9-14.el4.8.ia64.rpm
SRPMS:
http://oss.oracle.com/el4/SRPMS-updates/freetype-2.1.9-14.el4.8.src.rpm
Description of changes:
[2.1.9-14.el4.8]
- Add freetype-2.1.9-axis-name-overflow.patch
(Avoid overflow when dealing with names of axes)
- Resolves: #614010
[2.1.9-13.el4.8]
- Modify freetype-2.1.9-CVE-2010-2519.patch (additional fix)
(If the type of the POST fragment is 0, the segment is completely
ignored)
- Resolves: #614010
[2.1.9-12.el4.8]
- Add freetype-2.1.9-CVE-2010-2527.patch
(Use precision for `%s' where appropriate to avoid buffer overflows)
- Resolves: #614010
[2.1.9-11.el4.8]
- Add freetype-2.1.9-CVE-2010-2498.patch
(Assure that `end_point' is not larger than `glyph->num_points')
- Add freetype-2.1.9-CVE-2010-2499.patch
(Check the buffer size during gathering PFB fragments)
- Add freetype-2.1.9-CVE-2010-2500.patch
(Use smaller threshold values for `width' and `height')
- Add freetype-2.1.9-CVE-2010-2519.patch
(Check `rlen' the length of fragment declared in the POST fragment
header)
- Resolves: #614010
More information about the El-errata
mailing list