[El-errata] ELSA-2015-0696 Important: Oracle Linux 7 freetype security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Mar 17 11:58:56 PDT 2015


Oracle Linux Security Advisory ELSA-2015-0696

http://linux.oracle.com/errata/ELSA-2015-0696.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
freetype-2.4.11-10.el7_1.1.i686.rpm
freetype-2.4.11-10.el7_1.1.x86_64.rpm
freetype-demos-2.4.11-10.el7_1.1.x86_64.rpm
freetype-devel-2.4.11-10.el7_1.1.i686.rpm
freetype-devel-2.4.11-10.el7_1.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/freetype-2.4.11-10.el7_1.1.src.rpm



Description of changes:

[2.4.11-10.el7_1.1]
- Fixes CVE-2014-9657
    - Check minimum size of `record_size'.
- Fixes CVE-2014-9658
    - Use correct value for minimum table length test.
- Fixes CVE-2014-9675
    - New macro that checks one character more than `strncmp'.
- Fixes CVE-2014-9660
    - Check `_BDF_GLYPH_BITS'.
- Fixes CVE-2014-9661
    - Initialize `face->ttf_size'.
    - Always set `face->ttf_size' directly.
    - Exclusively use the `truetype' font driver for loading
      the font contained in the `sfnts' array.
- Fixes CVE-2014-9663
    - Fix order of validity tests.
- Fixes CVE-2014-9664
    - Add another boundary test.
    - Fix boundary testing.
- Fixes CVE-2014-9667
    - Protect against addition overflow.
- Fixes CVE-2014-9669
    - Protect against overflow in additions and multiplications.
- Fixes CVE-2014-9670
    - Add sanity checks for row and column values.
- Fixes CVE-2014-9671
    - Check `size' and `offset' values.
- Fixes CVE-2014-9673
    - Fix integer overflow by a broken POST table in resource-fork.
- Fixes CVE-2014-9674
    - Fix integer overflow by a broken POST table in resource-fork.
    - Additional overflow check in the summation of POST fragment lengths.
- Work around behaviour of X11's `pcfWriteFont' and `pcfReadFont' functions
- Resolves: #1197739

[2.4.11-10]
- Generic 32/64 bit platform detection (fix ppc64le build)
- Resolves: #1126099





