[El-errata] ELSA-2012-0467 Important: Oracle Linux 5 freetype security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Apr 12 13:18:14 PDT 2012
Oracle Linux Security Advisory ELSA-2012-0467
https://rhn.redhat.com/errata/RHSA-2012-0467.html
The following updated rpms for Oracle Linux 5 have been uploaded to the
Unbreakable Linux Network:
i386:
freetype-2.2.1-31.el5_8.1.i386.rpm
freetype-demos-2.2.1-31.el5_8.1.i386.rpm
freetype-devel-2.2.1-31.el5_8.1.i386.rpm
x86_64:
freetype-2.2.1-31.el5_8.1.i386.rpm
freetype-2.2.1-31.el5_8.1.x86_64.rpm
freetype-demos-2.2.1-31.el5_8.1.x86_64.rpm
freetype-devel-2.2.1-31.el5_8.1.i386.rpm
freetype-devel-2.2.1-31.el5_8.1.x86_64.rpm
ia64:
freetype-2.2.1-31.el5_8.1.i386.rpm
freetype-2.2.1-31.el5_8.1.ia64.rpm
freetype-demos-2.2.1-31.el5_8.1.ia64.rpm
freetype-devel-2.2.1-31.el5_8.1.ia64.rpm
SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/freetype-2.2.1-31.el5_8.1.src.rpm
Description of changes:
[2.2.1-31.el5_8.1]
- Fix CVE-2012-{1126, 1127, 1130, 1131, 1132, 1134, 1136,
1137, 1139, 1140, 1141, 1142, 1143, 1144}
- Protect against invalid string offsets in pcf_get_properties()
- Check bytes per row for overflow in _bdf_parse_glyphs()
- Resolves: #806266
[2.2.1-31]
- Add freetype-2.2.1-CVE-2011-3439.patch
(Various loading fixes.)
- Resolves: #754010
[2.2.1-30]
- Add freetype-2.2.1-CVE-2011-3256.patch
- Add freetype-2.2.1-CVE-2011-3256.patch
(Handle some border cases.)
- Resolves: #747082
[2.2.1-29]
- Add freetype-2.2.1-CVE-2010-3855.patch
(Protect against invalid `runcnt' values.)
- Resolves: #651760
More information about the El-errata
mailing list