Recent Features
| ||||||||||||||||
Fedora alert FEDORA-2007-2343 (t1lib)
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-2343 2007-09-28 21:21:40.573461 -------------------------------------------------------------------------------- Name : t1lib Product : Fedora 7 Version : 5.1.1 Release : 3.fc7 URL : ftp://sunsite.unc.edu/pub/Linux/libs/graphics Summary : PostScript Type 1 font rasterizer Description : T1lib is a rasterizer library for Adobe Type 1 Fonts. It supports rotation and transformation, kerning underlining and antialiasing. It does not depend on X11, but does provides some special functions for X11. AFM-files can be generated from Type 1 font files and font subsetting is possible. -------------------------------------------------------------------------------- Update Information: This is most likely not exploitable on Fedora, due to FORTIFY_SOURCE protection, as the overflow is strcat() call which is protected. This update has a patch that avoids the call where the overflow would occur. -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 27 2007 Jos?atos <jamatos[AT]fc.up.pt> - 5.1.1-3 - Apply patch to fix CVE-2007-4033 * Tue Aug 28 2007 Jos?atos <jamatos[AT]fc.up.pt> - 5.1.1-2 - License fix, rebuild for devel (F8). * Thu Jun 7 2007 Jos?atos <jamatos[AT]fc.up.pt> - 5.1.1-1 - Update to 5.1.1. - Remove t1lib-5.1.0-destdir.patch (applied upstream). -------------------------------------------------------------------------------- References: [ 1 ] Bug #303021 - CVE-2007-4033 Buffer overflow in t1lib triggerable by long filename string https://bugzilla.redhat.com/show_bug.cgi?id=303021 [ 2 ] CVE-2007-4033 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-200... -------------------------------------------------------------------------------- Updated packages: 81bdcde6dbf9b9e4130544fd2493434671c1fee2 t1lib-debuginfo-5.1.1-3.fc7.ppc64.rpm c64f11e4f89f6b065ec0a6d236e9e2df4cc03c60 t1lib-devel-5.1.1-3.fc7.ppc64.rpm b2d8aca754e8ac5d1345b509a24e0b47780dc221 t1lib-5.1.1-3.fc7.ppc64.rpm 4175603f9f32a2c5a2bcf3f528225e4c64a1f10b t1lib-devel-5.1.1-3.fc7.i386.rpm 6547e77817fe39768d94ebba3b704109ac741ca4 t1lib-debuginfo-5.1.1-3.fc7.i386.rpm 6bdca51e734f299be7b4073f8416c9851c5ee7f5 t1lib-5.1.1-3.fc7.i386.rpm a643ae032988f1d53406f90f5456df5cd6a6496a t1lib-devel-5.1.1-3.fc7.x86_64.rpm 8d4d24ad8845891523022444b15b9a8c9b8ab6a5 t1lib-debuginfo-5.1.1-3.fc7.x86_64.rpm 8f430463ca8d524a87afa181338dc71fc80fb18f t1lib-5.1.1-3.fc7.x86_64.rpm 756e1c529f5906ea7703ba04acf53996e40b5bfb t1lib-devel-5.1.1-3.fc7.ppc.rpm a21ab52ec28700e51cc9c23760604ce00cba54af t1lib-debuginfo-5.1.1-3.fc7.ppc.rpm ebdb0c258c02e084d1f4da873c0d3a85464c560b t1lib-5.1.1-3.fc7.ppc.rpm 23be7d55b85d68cdcd9cfeca3a297caca8b217aa t1lib-5.1.1-3.fc7.src.rpm This update can be installed with the "yum" update program. Use su -c 'yum update t1lib' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-ann... (Log in to post comments)
|
||||||||||||||||