ID

VAR-201110-0321

CVE

CVE-2011-3256

TITLE

Apple iOS of CoreGraphics of FreeType Vulnerable to arbitrary code execution

DESCRIPTION

FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226. Free Type is prone to multiple memory corruption vulnerabilities. Successfully exploiting these issues will allow attackers to execute arbitrary code. Failed exploit attempts may cause denial-of-service conditions. NOTE: This issue was previously discussed in BID 50086 (Apple iPhone/iPad/iPod touch Prior to iOS 5 Multiple Vulnerabilities) but has been given its own record to better document it. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. A code injection vulnerability exists in FreeType of Apple's CoreGraphics versions prior to iOS 5. ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Apple iOS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46377 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46377/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46377 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46377/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46377/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46377 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people with physical access to disclose certain information and by malicious people to conduct script insertion, cross-site scripting, and spoofing attacks, disclose sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a user's device. 1) An error within the CalDAV component does not properly validate the SSL certificate when synchronizing the calendar, which can be exploited to disclose encrypted information e.g. using a Man-in-the-Middle (MitM) attack. 2) Input passed via invitation notes is not properly sanitised in Calendar before being returned to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious invitation is being viewed. 3) The CFNetwork component stores a user's AppleID password and username in the log file readable by applications, which can be exploited to disclose the credentials. 4) The CFNetwork component does not properly restrict cross-domain access of HTTP cookies, which can be exploited to access the cookies of another web site. 5) An error exists within CoreFoundation when handling string tokenization. For more information see vulnerability #1 in: SA46339 6) Multiple errors within CoreGraphics when handling the certain freetype fonts can be exploited to corrupt memory. 7) An error within CoreMedia does not properly handle cross-site redirects and can be exploited to disclose video data. 8) An error exits within the Data Access component when handling multiple accounts configured on the same server and can be exploited to disclose the cookie of another account. 9) The application accepts X.509 certificates with MD5 hashes, which could lead to weak cryptographic certificates being used. This can be exploited to disclose encrypted information e.g. using a Man-in-the-Middle (MitM) attack. 10) A design error exists within the implementation of SSL 3.0 and TLS 1.0 protocols. For more information: SA46168 11) An error within ImageIO when handling CCITT Group 4 encoded TIFF files can be exploited to cause a buffer overflow. For more information see vulnerability #1 in: SA43593 12) An error in ImageIO within the handling of CCITT Group 4 encoded TIFF image files can be exploited to cause a heap-based buffer overflow. For more information see vulnerability #9 in: SA45325 13) An error within ICU (International Components for Unicode) can be exploited to cause a buffer overflow. For more information see vulnerability #11 in: SA45054 14) An error within the kernel does not reclaim memory from incomplete TCP connections, which can be exploited to exhaust system resources by connecting to a listening service and cause the device to reset. 15) A NULL-pointer dereference error within the kernel when handling IPv6 socket options can be exploited to cause the device to reset. 16) An error within libxml can be exploited to cause a heap-based buffer overflow. For more information see vulnerability #12 in: SA45325 17) An error within OfficeImport when viewing certain Microsoft Word files can be exploited to cause a buffer overflow. 18) An error within OfficeImport when viewing certain Microsoft Excel files can be exploited to cause a buffer overflow. 19) An indexing error exists in the OfficeImport framework when processing certain records in a Microsoft Word file. For more information see vulnerability #19 in: SA45054 20) An error in the OfficeImport framework when processing records can be exploited to corrupt memory. For more information see vulnerability #28 in: SA43814 21) An error within Safari does not properly handle the "attachment" HTTP Content-Disposition header and can be exploited to conduct cross-site scripting attacks. 22) The parental restrictions feature stores the restrictions passcode in plaintext on disk and can be exploited to disclose the passcode. 23) An error within UIKit does not properly handle "tel:" URIs and can be exploited to cause the device to hang by tricking the user into visiting a malicious website. 24) Some vulnerabilities are caused due to a bundled vulnerable version of WebKit. For more information: SA43519 SA43683 SA43696 SA43859 SA45097 SA45325 SA45325 SA45498 SA45498 SA46339 SA46412 25) The WiFi credentials are stored in a file readable by other applications, which may lead to the credentials being disclosed. PROVIDED AND/OR DISCOVERED BY: 1) Leszek Tasiemski, nSense. 6, 9) Reported by the vendor. The vendor credits: 2) Rick Deacon 3) Peter Quade, qdevelop 4) Erling Ellingsen, Facebook. 7) Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR) 8) Bob Sielken, IBM 14) Wouter van der Veer, Topicus and Josh Enders 15) Thomas Clement, Intego 17) Tobias Klein via iDefense. 18) Tobias Klein, www.trapkit.de 21) Christian Matthies via iDefense and Yoshinori Oota, Business Architects via JP/CERT. 22) An anonymous person 23) Simon Young, Anglia Ruskin University 25) Laurent OUDOT, TEHTRI Security ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4999 nSense: http://www.nsense.fi/advisories/nsense_2011_006.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . For the oldstable distribution (lenny), this problem has been fixed in version 2.3.7-2+lenny7. For the stable distribution (squeeze), this problem has been fixed in version 2.4.2-2.1+squeeze2. For the unstable distribution (sid), this problem has been fixed in version 2.4.7-1. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/freetype < 2.4.8 >= 2.4.8 Description =========== Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All FreeType users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/freetype-2.4.8" References ========== [ 1 ] CVE-2010-1797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1797 [ 2 ] CVE-2010-2497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2497 [ 3 ] CVE-2010-2498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2498 [ 4 ] CVE-2010-2499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2499 [ 5 ] CVE-2010-2500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2500 [ 6 ] CVE-2010-2519 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2519 [ 7 ] CVE-2010-2520 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2520 [ 8 ] CVE-2010-2527 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2527 [ 9 ] CVE-2010-2541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2541 [ 10 ] CVE-2010-2805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2805 [ 11 ] CVE-2010-2806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2806 [ 12 ] CVE-2010-2807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2807 [ 13 ] CVE-2010-2808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2808 [ 14 ] CVE-2010-3053 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3053 [ 15 ] CVE-2010-3054 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3054 [ 16 ] CVE-2010-3311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3311 [ 17 ] CVE-2010-3814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3814 [ 18 ] CVE-2010-3855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3855 [ 19 ] CVE-2011-0226 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0226 [ 20 ] CVE-2011-3256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3256 [ 21 ] CVE-2011-3439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3439 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201201-09.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . A regression was found in freetype2 in Mandriva Enterprise Server 5 that caused ugly font rendering with firefox (#63892). Additionally, improvements conserning the LZW handling (as noted in the freetype-2.4.7 version) was added. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFOoSQgmqjQ0CJFipgRAu7bAKCNJuDDSIC2BGla3ck+cJp/Kn88ZwCg1jD/ dxu3TlyhMXF4coBC+GcK+2g= =QK6b -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-1267-1 November 18, 2011 freetype vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS Summary: FreeType could be made to crash or run programs as your login if it opened a specially crafted font file. (CVE-2011-3439) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: libfreetype6 2.4.4-2ubuntu1.1 Ubuntu 11.04: libfreetype6 2.4.4-1ubuntu2.2 Ubuntu 10.10: libfreetype6 2.4.2-2ubuntu0.3 Ubuntu 10.04 LTS: libfreetype6 2.3.11-1ubuntu2.5 Ubuntu 8.04 LTS: libfreetype6 2.3.5-1ubuntu4.8.04.7 After a standard system update you need to restart your session to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: freetype security update Advisory ID: RHSA-2011:1402-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1402.html Issue date: 2011-10-25 CVE Names: CVE-2011-3256 ===================================================================== 1. Summary: Updated freetype packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. The freetype packages for Red Hat Enterprise Linux 4 provide both the FreeType 1 and FreeType 2 font engines. The freetype packages for Red Hat Enterprise Linux 5 and 6 provide only the FreeType 2 font engine. Multiple input validation flaws were found in the way FreeType processed bitmap font files. (CVE-2011-3256) Note: These issues only affected the FreeType 2 font engine. Users are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. The X server must be restarted (log out, then log back in) for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 746226 - CVE-2011-3256 FreeType FT_Bitmap_New integer overflow to buffer overflow, FreeType TT_Vary_Get_Glyph_Deltas improper input validation 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/freetype-2.1.9-20.el4.src.rpm i386: freetype-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-demos-2.1.9-20.el4.i386.rpm freetype-devel-2.1.9-20.el4.i386.rpm freetype-utils-2.1.9-20.el4.i386.rpm ia64: freetype-2.1.9-20.el4.i386.rpm freetype-2.1.9-20.el4.ia64.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.ia64.rpm freetype-demos-2.1.9-20.el4.ia64.rpm freetype-devel-2.1.9-20.el4.ia64.rpm freetype-utils-2.1.9-20.el4.ia64.rpm ppc: freetype-2.1.9-20.el4.ppc.rpm freetype-2.1.9-20.el4.ppc64.rpm freetype-debuginfo-2.1.9-20.el4.ppc.rpm freetype-debuginfo-2.1.9-20.el4.ppc64.rpm freetype-demos-2.1.9-20.el4.ppc.rpm freetype-devel-2.1.9-20.el4.ppc.rpm freetype-utils-2.1.9-20.el4.ppc.rpm s390: freetype-2.1.9-20.el4.s390.rpm freetype-debuginfo-2.1.9-20.el4.s390.rpm freetype-demos-2.1.9-20.el4.s390.rpm freetype-devel-2.1.9-20.el4.s390.rpm freetype-utils-2.1.9-20.el4.s390.rpm s390x: freetype-2.1.9-20.el4.s390.rpm freetype-2.1.9-20.el4.s390x.rpm freetype-debuginfo-2.1.9-20.el4.s390.rpm freetype-debuginfo-2.1.9-20.el4.s390x.rpm freetype-demos-2.1.9-20.el4.s390x.rpm freetype-devel-2.1.9-20.el4.s390x.rpm freetype-utils-2.1.9-20.el4.s390x.rpm x86_64: freetype-2.1.9-20.el4.i386.rpm freetype-2.1.9-20.el4.x86_64.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.x86_64.rpm freetype-demos-2.1.9-20.el4.x86_64.rpm freetype-devel-2.1.9-20.el4.x86_64.rpm freetype-utils-2.1.9-20.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/freetype-2.1.9-20.el4.src.rpm i386: freetype-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-demos-2.1.9-20.el4.i386.rpm freetype-devel-2.1.9-20.el4.i386.rpm freetype-utils-2.1.9-20.el4.i386.rpm x86_64: freetype-2.1.9-20.el4.i386.rpm freetype-2.1.9-20.el4.x86_64.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.x86_64.rpm freetype-demos-2.1.9-20.el4.x86_64.rpm freetype-devel-2.1.9-20.el4.x86_64.rpm freetype-utils-2.1.9-20.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/freetype-2.1.9-20.el4.src.rpm i386: freetype-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-demos-2.1.9-20.el4.i386.rpm freetype-devel-2.1.9-20.el4.i386.rpm freetype-utils-2.1.9-20.el4.i386.rpm ia64: freetype-2.1.9-20.el4.i386.rpm freetype-2.1.9-20.el4.ia64.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.ia64.rpm freetype-demos-2.1.9-20.el4.ia64.rpm freetype-devel-2.1.9-20.el4.ia64.rpm freetype-utils-2.1.9-20.el4.ia64.rpm x86_64: freetype-2.1.9-20.el4.i386.rpm freetype-2.1.9-20.el4.x86_64.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.x86_64.rpm freetype-demos-2.1.9-20.el4.x86_64.rpm freetype-devel-2.1.9-20.el4.x86_64.rpm freetype-utils-2.1.9-20.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/freetype-2.1.9-20.el4.src.rpm i386: freetype-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-demos-2.1.9-20.el4.i386.rpm freetype-devel-2.1.9-20.el4.i386.rpm freetype-utils-2.1.9-20.el4.i386.rpm ia64: freetype-2.1.9-20.el4.i386.rpm freetype-2.1.9-20.el4.ia64.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.ia64.rpm freetype-demos-2.1.9-20.el4.ia64.rpm freetype-devel-2.1.9-20.el4.ia64.rpm freetype-utils-2.1.9-20.el4.ia64.rpm x86_64: freetype-2.1.9-20.el4.i386.rpm freetype-2.1.9-20.el4.x86_64.rpm freetype-debuginfo-2.1.9-20.el4.i386.rpm freetype-debuginfo-2.1.9-20.el4.x86_64.rpm freetype-demos-2.1.9-20.el4.x86_64.rpm freetype-devel-2.1.9-20.el4.x86_64.rpm freetype-utils-2.1.9-20.el4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/freetype-2.2.1-28.el5_7.1.src.rpm i386: freetype-2.2.1-28.el5_7.1.i386.rpm freetype-debuginfo-2.2.1-28.el5_7.1.i386.rpm x86_64: freetype-2.2.1-28.el5_7.1.i386.rpm freetype-2.2.1-28.el5_7.1.x86_64.rpm freetype-debuginfo-2.2.1-28.el5_7.1.i386.rpm freetype-debuginfo-2.2.1-28.el5_7.1.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/freetype-2.2.1-28.el5_7.1.src.rpm i386: freetype-debuginfo-2.2.1-28.el5_7.1.i386.rpm freetype-demos-2.2.1-28.el5_7.1.i386.rpm freetype-devel-2.2.1-28.el5_7.1.i386.rpm x86_64: freetype-debuginfo-2.2.1-28.el5_7.1.i386.rpm freetype-debuginfo-2.2.1-28.el5_7.1.x86_64.rpm freetype-demos-2.2.1-28.el5_7.1.x86_64.rpm freetype-devel-2.2.1-28.el5_7.1.i386.rpm freetype-devel-2.2.1-28.el5_7.1.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/freetype-2.2.1-28.el5_7.1.src.rpm i386: freetype-2.2.1-28.el5_7.1.i386.rpm freetype-debuginfo-2.2.1-28.el5_7.1.i386.rpm freetype-demos-2.2.1-28.el5_7.1.i386.rpm freetype-devel-2.2.1-28.el5_7.1.i386.rpm ia64: freetype-2.2.1-28.el5_7.1.i386.rpm freetype-2.2.1-28.el5_7.1.ia64.rpm freetype-debuginfo-2.2.1-28.el5_7.1.i386.rpm freetype-debuginfo-2.2.1-28.el5_7.1.ia64.rpm freetype-demos-2.2.1-28.el5_7.1.ia64.rpm freetype-devel-2.2.1-28.el5_7.1.ia64.rpm ppc: freetype-2.2.1-28.el5_7.1.ppc.rpm freetype-2.2.1-28.el5_7.1.ppc64.rpm freetype-debuginfo-2.2.1-28.el5_7.1.ppc.rpm freetype-debuginfo-2.2.1-28.el5_7.1.ppc64.rpm freetype-demos-2.2.1-28.el5_7.1.ppc.rpm freetype-devel-2.2.1-28.el5_7.1.ppc.rpm freetype-devel-2.2.1-28.el5_7.1.ppc64.rpm s390x: freetype-2.2.1-28.el5_7.1.s390.rpm freetype-2.2.1-28.el5_7.1.s390x.rpm freetype-debuginfo-2.2.1-28.el5_7.1.s390.rpm freetype-debuginfo-2.2.1-28.el5_7.1.s390x.rpm freetype-demos-2.2.1-28.el5_7.1.s390x.rpm freetype-devel-2.2.1-28.el5_7.1.s390.rpm freetype-devel-2.2.1-28.el5_7.1.s390x.rpm x86_64: freetype-2.2.1-28.el5_7.1.i386.rpm freetype-2.2.1-28.el5_7.1.x86_64.rpm freetype-debuginfo-2.2.1-28.el5_7.1.i386.rpm freetype-debuginfo-2.2.1-28.el5_7.1.x86_64.rpm freetype-demos-2.2.1-28.el5_7.1.x86_64.rpm freetype-devel-2.2.1-28.el5_7.1.i386.rpm freetype-devel-2.2.1-28.el5_7.1.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm i386: freetype-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm x86_64: freetype-2.3.11-6.el6_1.7.i686.rpm freetype-2.3.11-6.el6_1.7.x86_64.rpm freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm i386: freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-demos-2.3.11-6.el6_1.7.i686.rpm freetype-devel-2.3.11-6.el6_1.7.i686.rpm x86_64: freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm freetype-demos-2.3.11-6.el6_1.7.x86_64.rpm freetype-devel-2.3.11-6.el6_1.7.i686.rpm freetype-devel-2.3.11-6.el6_1.7.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm x86_64: freetype-2.3.11-6.el6_1.7.i686.rpm freetype-2.3.11-6.el6_1.7.x86_64.rpm freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm x86_64: freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm freetype-demos-2.3.11-6.el6_1.7.x86_64.rpm freetype-devel-2.3.11-6.el6_1.7.i686.rpm freetype-devel-2.3.11-6.el6_1.7.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm i386: freetype-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-devel-2.3.11-6.el6_1.7.i686.rpm ppc64: freetype-2.3.11-6.el6_1.7.ppc.rpm freetype-2.3.11-6.el6_1.7.ppc64.rpm freetype-debuginfo-2.3.11-6.el6_1.7.ppc.rpm freetype-debuginfo-2.3.11-6.el6_1.7.ppc64.rpm freetype-devel-2.3.11-6.el6_1.7.ppc.rpm freetype-devel-2.3.11-6.el6_1.7.ppc64.rpm s390x: freetype-2.3.11-6.el6_1.7.s390.rpm freetype-2.3.11-6.el6_1.7.s390x.rpm freetype-debuginfo-2.3.11-6.el6_1.7.s390.rpm freetype-debuginfo-2.3.11-6.el6_1.7.s390x.rpm freetype-devel-2.3.11-6.el6_1.7.s390.rpm freetype-devel-2.3.11-6.el6_1.7.s390x.rpm x86_64: freetype-2.3.11-6.el6_1.7.i686.rpm freetype-2.3.11-6.el6_1.7.x86_64.rpm freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm freetype-devel-2.3.11-6.el6_1.7.i686.rpm freetype-devel-2.3.11-6.el6_1.7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm i386: freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-demos-2.3.11-6.el6_1.7.i686.rpm ppc64: freetype-debuginfo-2.3.11-6.el6_1.7.ppc64.rpm freetype-demos-2.3.11-6.el6_1.7.ppc64.rpm s390x: freetype-debuginfo-2.3.11-6.el6_1.7.s390x.rpm freetype-demos-2.3.11-6.el6_1.7.s390x.rpm x86_64: freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm freetype-demos-2.3.11-6.el6_1.7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm i386: freetype-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-devel-2.3.11-6.el6_1.7.i686.rpm x86_64: freetype-2.3.11-6.el6_1.7.i686.rpm freetype-2.3.11-6.el6_1.7.x86_64.rpm freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm freetype-devel-2.3.11-6.el6_1.7.i686.rpm freetype-devel-2.3.11-6.el6_1.7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/freetype-2.3.11-6.el6_1.7.src.rpm i386: freetype-debuginfo-2.3.11-6.el6_1.7.i686.rpm freetype-demos-2.3.11-6.el6_1.7.i686.rpm x86_64: freetype-debuginfo-2.3.11-6.el6_1.7.x86_64.rpm freetype-demos-2.3.11-6.el6_1.7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2011-3256.html https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFOpv7zXlSAg2UNWIIRAtxRAJ9yxP+ABOboEq9+fB+RnBOLIUp/XgCePltE cL8BidDpB1YhdkDs+bUyhbU= =qAkG -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

arbitrary

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Reported by the vendo

SOURCES

LAST UPDATE DATE

2024-11-23T20:07:44.269000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE