[El-errata] ELSA-2010-0889 Important: Oracle Linux 6 freetype security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed Feb 16 13:01:41 PST 2011


Oracle Linux Security Advisory ELSA-2010-0889

https://rhn.redhat.com/errata/RHSA-2010-0889.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
freetype-2.3.11-6.el6_0.2.i686.rpm
freetype-demos-2.3.11-6.el6_0.2.i686.rpm
freetype-devel-2.3.11-6.el6_0.2.i686.rpm

x86_64:
freetype-2.3.11-6.el6_0.2.i686.rpm
freetype-2.3.11-6.el6_0.2.x86_64.rpm
freetype-demos-2.3.11-6.el6_0.2.x86_64.rpm
freetype-devel-2.3.11-6.el6_0.2.i686.rpm
freetype-devel-2.3.11-6.el6_0.2.x86_64.rpm


SRPMS:
http://oss.oracle.com/el6/SRPMS-updates/freetype-2.3.11-6.el6_0.2.src.rpm


Description of changes:

[2.3.11-6.el6_0.2]
- Add freetype-2.3.11-CVE-2010-3855.patch
    (Protect against invalid `runcnt' values.)
- Resolves: #651761

[2.3.11-6.el6_0.1]
- Add freetype-2.3.11-CVE-2010-2805.patch
    (Fix comparison.)
- Add freetype-2.3.11-CVE-2010-2806.patch
    (Protect against negative string_size. Fix comparison.)
- Add freetype-2.3.11-CVE-2010-2808.patch
    (Check the total length of collected POST segments.)
- Add freetype-2.3.11-CVE-2010-3311.patch
    (Don't seek behind end of stream.)
- Resolves: #638838





More information about the El-errata mailing list