Advisories

Mandriva Advisories

Package name	freetype2
Date	June 13th, 2006
Advisory ID	MDKSA-2006:099-1
Affected versions	CS3.0, MNF2.0, 10.2, 2006.0
Synopsis	Updated freetype2 packages fixes multiple vulnerabilities.

Problem Description

Integer underflow in Freetype before 2.2 allows remote attackers to cause
a denial of service (crash) via a font file with an odd number of blue
values, which causes the underflow when decrementing by 2 in a context
that assumes an even number of values. (CVE-2006-0747)

Multiple integer overflows in FreeType before 2.2 allow remote attackers to
cause a denial of service (crash) and possibly execute arbitrary code via
attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c,
(3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file
in base/ftmac.c. (CVE-2006-1861)

Ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial
of service (crash) via a crafted font file that triggers a null dereference.
(CVE-2006-2661)

In addition, a patch is applied to 2.1.10 in Mandriva 2006 to fix a serious
bug in ttkern.c that caused some programs to go into an infinite loop when
dealing with fonts that don't have a properly sorted kerning sub-table.
This patch is not applicable to the earlier Mandriva releases.

Update:

The previous update introduced some issues with other applications and
libraries linked to libfreetype, that were missed in testing for the
vulnerabilty issues. The new packages correct these issues.

Updated Packages

Corporate Server 3.0

 130af6a75a80501338f5436db5ebff82  corporate/3.0/RPMS/libfreetype6-2.1.7-4.2.C30mdk.i586.rpm
 02882e26f161dbbccf720109940541e0  corporate/3.0/RPMS/libfreetype6-devel-2.1.7-4.2.C30mdk.i586.rpm
 6380581650ff8872236e66c2b1fa29dc  corporate/3.0/RPMS/libfreetype6-static-devel-2.1.7-4.2.C30mdk.i586.rpm
 3c00567f0cef7635b4a07a68fe511070  corporate/3.0/SRPMS/freetype2-2.1.7-4.2.C30mdk.src.rpm

Corporate Server 3.0/X86_64

 e1df2ddb0a864644581d18c912bcde36  x86_64/corporate/3.0/RPMS/lib64freetype6-2.1.7-4.2.C30mdk.x86_64.rpm
 0bcf46db4ea6cda71681af6df77810ee  x86_64/corporate/3.0/RPMS/lib64freetype6-devel-2.1.7-4.2.C30mdk.x86_64.rpm
 ba434d9f482f3aa30e6bba0cc0cd82b1  x86_64/corporate/3.0/RPMS/lib64freetype6-static-devel-2.1.7-4.2.C30mdk.x86_64.rpm
 130af6a75a80501338f5436db5ebff82  x86_64/corporate/3.0/RPMS/libfreetype6-2.1.7-4.2.C30mdk.i586.rpm
 3c00567f0cef7635b4a07a68fe511070  x86_64/corporate/3.0/SRPMS/freetype2-2.1.7-4.2.C30mdk.src.rpm

Multi Network Firewall 2.0

 0c7e02469ae81dd35ee1ff5d57457481  mnf/2.0/RPMS/libfreetype6-2.1.7-4.2.M20mdk.i586.rpm
 320462d9720a74c8edfe23b0136ac6a1  mnf/2.0/SRPMS/freetype2-2.1.7-4.2.M20mdk.src.rpm

Mandriva Linux LE2005

 949b5fe10b3ca151f322aab6ee6cee62  10.2/RPMS/libfreetype6-2.1.9-6.2.102mdk.i586.rpm
 f53e709c24ad45202f6ec522c306fc11  10.2/RPMS/libfreetype6-devel-2.1.9-6.2.102mdk.i586.rpm
 832a3cd9ca44d7a213aa796ebb9a3f2b  10.2/RPMS/libfreetype6-static-devel-2.1.9-6.2.102mdk.i586.rpm
 38715d000c516d130d0c31bbd3f4b921  10.2/SRPMS/freetype2-2.1.9-6.2.102mdk.src.rpm

Mandriva Linux LE2005/X86_64

 68f25173c28838a13334086598a0437a  x86_64/10.2/RPMS/lib64freetype6-2.1.9-6.2.102mdk.x86_64.rpm
 baaa0977a07f3dfc14edd3effb80fcb2  x86_64/10.2/RPMS/lib64freetype6-devel-2.1.9-6.2.102mdk.x86_64.rpm
 8d7a8160ff6057c3f526e41e4f2856b5  x86_64/10.2/RPMS/lib64freetype6-static-devel-2.1.9-6.2.102mdk.x86_64.rpm
 949b5fe10b3ca151f322aab6ee6cee62  x86_64/10.2/RPMS/libfreetype6-2.1.9-6.2.102mdk.i586.rpm
 f53e709c24ad45202f6ec522c306fc11  x86_64/10.2/RPMS/libfreetype6-devel-2.1.9-6.2.102mdk.i586.rpm
 832a3cd9ca44d7a213aa796ebb9a3f2b  x86_64/10.2/RPMS/libfreetype6-static-devel-2.1.9-6.2.102mdk.i586.rpm
 38715d000c516d130d0c31bbd3f4b921  x86_64/10.2/SRPMS/freetype2-2.1.9-6.2.102mdk.src.rpm

Mandriva Linux 2006

 619ca319a2d61959baa1cd53f4474aad  2006.0/RPMS/libfreetype6-2.1.10-9.3.20060mdk.i586.rpm
 742c36c115164007bed1fb9fa2ee5441  2006.0/RPMS/libfreetype6-devel-2.1.10-9.3.20060mdk.i586.rpm
 f5b80947791fc228b306e538b25176a0  2006.0/RPMS/libfreetype6-static-devel-2.1.10-9.3.20060mdk.i586.rpm
 dec7a1fac7ce8f8d7e0c8e1319eef82e  2006.0/SRPMS/freetype2-2.1.10-9.3.20060mdk.src.rpm

Mandriva Linux 2006/X86_64

 4cefd19d4c7186bb0112e1ad0dc0b845  x86_64/2006.0/RPMS/lib64freetype6-2.1.10-9.3.20060mdk.x86_64.rpm
 9e6d8e0703e0d9dc0218f9ea7f814cde  x86_64/2006.0/RPMS/lib64freetype6-devel-2.1.10-9.3.20060mdk.x86_64.rpm
 410cc94730e090a6eb19d7a70acbb662  x86_64/2006.0/RPMS/lib64freetype6-static-devel-2.1.10-9.3.20060mdk.x86_64.rpm
 619ca319a2d61959baa1cd53f4474aad  x86_64/2006.0/RPMS/libfreetype6-2.1.10-9.3.20060mdk.i586.rpm
 742c36c115164007bed1fb9fa2ee5441  x86_64/2006.0/RPMS/libfreetype6-devel-2.1.10-9.3.20060mdk.i586.rpm
 f5b80947791fc228b306e538b25176a0  x86_64/2006.0/RPMS/libfreetype6-static-devel-2.1.10-9.3.20060mdk.i586.rpm
 dec7a1fac7ce8f8d7e0c8e1319eef82e  x86_64/2006.0/SRPMS/freetype2-2.1.10-9.3.20060mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0747
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1861
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2661

Upgrade

To upgrade automatically, use MandrivaUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

URL:

https://mandriva.com/security/advisories

Short link:

https://mandriva.com/content/view/full/1075

Intersites Menu

Mandriva

Tools

Top menu

Advisories

Footer