
Re: [SECURITY] [DSA-2116-1] New freetype packages integer overflow



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/10/2010 23:03, Stefan Fritsch wrote:
> ------------------------------------------------------------------------
> Debian Security Advisory DSA-2116-1                  security@debian.org
> http://www.debian.org/security/                           Stefan Fritsch
> October 4, 2010                       http://www.debian.org/security/faq
> ------------------------------------------------------------------------
> 
> Package        : freetype
> Vulnerability  : integer overflow
> Problem type   : local (remote)
> Debian-specific: no
> CVE Id(s)      : CVE-2010-3311
> 
> Marc Schoenefeld has found an input stream position error in the
> way the FreeType font rendering engine processed input file streams.
> If a user loaded a specially-crafted font file with an application
> linked against FreeType and relevant font glyphs were subsequently
> rendered with the X FreeType library (libXft), it could cause the
> application to crash or, possibly, execute arbitrary code.
> 
> After the upgrade, all running applications and services that use
> libfreetype6 should be restarted. In most cases, logging out and
> in again should be enough. The script checkrestart from the
> debian-goodies package or lsof may help to find out which
> processes are still using the old version of libfreetype6.
> 
> For the stable distribution (lenny), these problems have been fixed in
> version 2.3.7-2+lenny4.
> 
> The testing distribution (squeeze) and the unstable distribution (sid)
> are not affected by this problem.
> 
> We recommend that you upgrade your freetype packages.

Hello, I just ran the update via aptitude, and apt-listbugs reported the
package as affected by bug #592399 [1]. Aptitude installed
2.3.7-2+lenny4, and that version is not marked as bug-free in the bug
report page.

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=592399

- -- 
Davide Mirtillo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkyqzkoACgkQKhoNWaTioeYUrwCeMl8KWyrfw7uV1P2pPGVv62L7
WaQAn2+2JuyBgbGG3tgyoD6ywos4p4TW
=eOvX
-----END PGP SIGNATURE-----
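The advisory quoted above says to restart everything still using the old libfreetype6 and points at checkrestart or lsof for finding those processes. The script below is an added example, not part of the advisory or of this thread, showing the underlying check: after the upgrade the old shared object is unlinked while it remains mapped, so /proc/<pid>/maps lists it with a trailing "(deleted)". The filter is written to take its "<pid> <maps line>" input from stdin so it can be exercised on the constructed sample included here; the file names and pids in that sample are made up for illustration.

```sh
#!/bin/sh
# Added example: locate processes that still map a replaced shared library.
# A package upgrade unlinks the old .so while running processes keep it
# mapped; the kernel reports such mappings in /proc/<pid>/maps with a
# trailing "(deleted)" marker. Those processes still run the old code.

# filter_stale PATTERN
# Reads lines of the form "<pid> <maps line>" on stdin and prints, once and
# in numeric order, every pid that has a "(deleted)" mapping matching PATTERN.
filter_stale() {
  pattern="$1"
  awk -v pat="$pattern" '
    # $1 is the pid we prefixed to each maps line; match the rest of the line.
    $0 ~ pat && / \(deleted\)$/ { seen[$1] = 1 }
    END { for (p in seen) print p }
  ' | sort -n
}

# stale_lib_pids PATTERN
# Live-system variant: prefix every /proc/<pid>/maps line with its pid and
# feed the stream to filter_stale. Maps files we may not read are skipped.
stale_lib_pids() {
  for maps in /proc/[0-9]*/maps; do
    pid=${maps#/proc/}
    pid=${pid%/maps}
    sed "s|^|$pid |" "$maps" 2>/dev/null
  done | filter_stale "$1"
}

# Constructed sample (not captured from a real host): pids 1234 and 5678
# still map the unlinked old libfreetype, pid 9012 already maps the new
# file (no "(deleted)"), and pid 3456 has an unrelated deleted mapping.
SAMPLE_MAPS='1234 7f1a00000000-7f1a00080000 r-xp 00000000 08:01 131073 /usr/lib/libfreetype.so.6.3.18 (deleted)
1234 7f1a00080000-7f1a00280000 ---p 00080000 08:01 131073 /usr/lib/libfreetype.so.6.3.18 (deleted)
5678 7f2b00000000-7f2b00080000 r-xp 00000000 08:01 131073 /usr/lib/libfreetype.so.6.3.18 (deleted)
9012 7f3c00000000-7f3c00080000 r-xp 00000000 08:01 131090 /usr/lib/libfreetype.so.6.3.18
3456 7f4d00000000-7f4d00010000 r-xp 00000000 08:01 200001 /tmp/scratch.so (deleted)'

# stale_from_sample: run the filter over the constructed sample.
stale_from_sample() {
  printf '%s\n' "$SAMPLE_MAPS" | filter_stale 'libfreetype'
}

# On a live system, after the upgrade:  stale_lib_pids libfreetype
# Each pid printed belongs to a process that must be restarted (or the
# user logged out and back in, as the advisory suggests) to pick up the fix.
```

The pattern is matched against the whole line, so a more specific argument such as `/usr/lib/libfreetype` narrows it to that path if another library name happens to contain the same substring.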