LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Ubuntu alert USN-1403-1 (freetype)



From:
    	      Tyler Hicks <tyhicks@canonical.com> 


To:
    	      ubuntu-security-announce@lists.ubuntu.com 


Subject:
    	      [USN-1403-1] FreeType vulnerabilities 


Date:
    	      Thu, 22 Mar 2012 22:56:00 -0500


Message-ID:
    	      <20120323035559.GA17008@boyd>


==========================================================================
Ubuntu Security Notice USN-1403-1
March 23, 2012

freetype vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
- Ubuntu 8.04 LTS

Summary:

FreeType could be made to crash or run programs as your login if it opened a
specially crafted font file.

Software Description:
- freetype: FreeType 2 is a font engine library

Details:

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed BDF font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause FreeType to crash. (CVE-2012-1126)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed BDF font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause FreeType to crash. (CVE-2012-1127)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed TrueType font files. If a user were tricked into using a specially
crafted font file, a remote attacker could cause FreeType to crash.
(CVE-2012-1128)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed Type42 font files. If a user were tricked into using a specially
crafted font file, a remote attacker could cause FreeType to crash.
(CVE-2012-1129)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed PCF font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause FreeType to crash. (CVE-2012-1130)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed TrueType font files. If a user were tricked into using a specially
crafted font file, a remote attacker could cause FreeType to crash.
(CVE-2012-1131)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed Type1 font files. If a user were tricked into using a specially
crafted font file, a remote attacker could cause FreeType to crash.
(CVE-2012-1132)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed BDF font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause FreeType to crash or possibly execute
arbitrary code with user privileges. (CVE-2012-1133)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed Type1 font files. If a user were tricked into using a specially
crafted font file, a remote attacker could cause FreeType to crash or possibly
execute arbitrary code with user privileges. (CVE-2012-1134)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed TrueType font files. If a user were tricked into using a specially
crafted font file, a remote attacker could cause FreeType to crash.
(CVE-2012-1135)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed BDF font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause FreeType to crash or possibly execute
arbitrary code with user privileges. (CVE-2012-1136)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed BDF font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause FreeType to crash. (CVE-2012-1137)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed TrueType font files. If a user were tricked into using a specially
crafted font file, a remote attacker could cause FreeType to crash.
(CVE-2012-1138)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed BDF font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause FreeType to crash. (CVE-2012-1139)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed PostScript font files. If a user were tricked into using a specially
crafted font file, a remote attacker could cause FreeType to crash.
(CVE-2012-1140)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed BDF font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause FreeType to crash. (CVE-2012-1141)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed Windows FNT/FON font files. If a user were tricked into using a
specially crafted font file, a remote attacker could cause FreeType to crash.
(CVE-2012-1142)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause FreeType to crash. (CVE-2012-1143)

Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed TrueType font files. If a user were tricked into using a specially
crafted font file, a remote attacker could cause FreeType to crash or possibly
execute arbitrary code with user privileges. (CVE-2012-1144)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
  libfreetype6                    2.4.4-2ubuntu1.2

Ubuntu 11.04:
  libfreetype6                    2.4.4-1ubuntu2.3

Ubuntu 10.10:
  libfreetype6                    2.4.2-2ubuntu0.4

Ubuntu 10.04 LTS:
  libfreetype6                    2.3.11-1ubuntu2.6

Ubuntu 8.04 LTS:
  libfreetype6                    2.3.5-1ubuntu4.8.04.9

After a standard system update you need to restart your session to make
all the necessary changes.

References:
  http://www.ubuntu.com/usn/usn-1403-1
  CVE-2012-1126, CVE-2012-1127, CVE-2012-1128, CVE-2012-1129,
  CVE-2012-1130, CVE-2012-1131, CVE-2012-1132, CVE-2012-1133,
  CVE-2012-1134, CVE-2012-1135, CVE-2012-1136, CVE-2012-1137,
  CVE-2012-1138, CVE-2012-1139, CVE-2012-1140, CVE-2012-1141,
  CVE-2012-1142, CVE-2012-1143, CVE-2012-1144

Package Information:
  https://launchpad.net/ubuntu/+source/freetype/2.4.4-2ubun...
  https://launchpad.net/ubuntu/+source/freetype/2.4.4-1ubun...
  https://launchpad.net/ubuntu/+source/freetype/2.4.2-2ubun...
  https://launchpad.net/ubuntu/+source/freetype/2.3.11-1ubu...
  https://launchpad.net/ubuntu/+source/freetype/2.3.5-1ubun...

-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-security...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds