User: Password:
|
|
Subscribe / Log in / New account

SUSE alert SUSE-SU-2012:0553-1 (freetype2)

From:  opensuse-security@opensuse.org
To:  opensuse-security-announce@opensuse.org
Subject:  [security-announce] SUSE-SU-2012:0553-1: important: Security update for freetype2
Date:  Mon, 23 Apr 2012 18:08:18 +0200 (CEST)
Message-ID:  <20120423160818.D3C4032403@maintenance.suse.de>
Archive-link:  Article, Thread

SUSE Security Update: Security update for freetype2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2012:0553-1 Rating: important References: #619562 #628213 #629447 #633938 #633943 #635692 #647375 #709851 #728044 #730124 #750937 #750938 #750939 #750940 #750941 #750943 #750945 #750946 #750947 #750948 #750949 #750950 #750951 #750952 #750953 #750955 Cross-References: CVE-2010-1797 CVE-2010-2497 CVE-2010-2498 CVE-2010-2499 CVE-2010-2500 CVE-2010-2519 CVE-2010-2520 CVE-2010-2527 CVE-2010-2541 CVE-2010-2805 CVE-2010-3053 CVE-2010-3054 CVE-2010-3311 CVE-2010-3814 CVE-2010-3855 CVE-2011-2895 CVE-2011-3256 CVE-2011-3439 CVE-2012-1126 CVE-2012-1127 CVE-2012-1129 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1133 CVE-2012-1134 CVE-2012-1135 CVE-2012-1136 CVE-2012-1137 CVE-2012-1138 CVE-2012-1139 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 Affected Products: SUSE Linux Enterprise Server 10 SP2 ______________________________________________________________________________ An update that fixes 34 vulnerabilities is now available. Description: Specially crafted font files could have caused buffer overflows in freetype, which could have been exploited for remote code execution. Security Issue references: * CVE-2012-1141 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1141 > * CVE-2012-1132 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1132 > * CVE-2012-1138 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1138 > * CVE-2012-1139 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1139 > * CVE-2011-2895 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2895 > * CVE-2012-1130 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1130 > * CVE-2010-3311 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3311 > * CVE-2012-1134 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1134 > * CVE-2010-2805 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2805 > * CVE-2010-3814 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3814 > * CVE-2012-1127 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1127 > * CVE-2012-1126 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1126 > * CVE-2010-1797 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1797 > * CVE-2010-3855 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3855 > * CVE-2010-2497 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2497 > * CVE-2012-1142 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1142 > * CVE-2010-3053 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3053 > * CVE-2012-1133 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1133 > * CVE-2012-1137 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1137 > * CVE-2011-3439 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3439 > * CVE-2012-1136 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1136 > * CVE-2012-1143 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1143 > * CVE-2011-3256 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3256 > * CVE-2012-1129 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1129 > * CVE-2012-1131 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1131 > * CVE-2010-3054 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3054 > * CVE-2012-1135 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1135 > * CVE-2010-2498 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2498 > * CVE-2010-2499 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2499 > * CVE-2010-2500 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2500 > * CVE-2010-2519 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2519 > * CVE-2010-2520 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2520 > * CVE-2010-2527 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2527 > * CVE-2010-2541 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2541 > Package List: - SUSE Linux Enterprise Server 10 SP2 (i586 s390x x86_64): freetype2-2.1.10-18.22.21.25 freetype2-devel-2.1.10-18.22.21.25 ft2demos-2.1.10-19.18.21.7 - SUSE Linux Enterprise Server 10 SP2 (s390x x86_64): freetype2-32bit-2.1.10-18.22.21.25 freetype2-devel-32bit-2.1.10-18.22.21.25 References: http://support.novell.com/security/cve/CVE-2010-1797.html http://support.novell.com/security/cve/CVE-2010-2497.html http://support.novell.com/security/cve/CVE-2010-2498.html http://support.novell.com/security/cve/CVE-2010-2499.html http://support.novell.com/security/cve/CVE-2010-2500.html http://support.novell.com/security/cve/CVE-2010-2519.html http://support.novell.com/security/cve/CVE-2010-2520.html http://support.novell.com/security/cve/CVE-2010-2527.html http://support.novell.com/security/cve/CVE-2010-2541.html http://support.novell.com/security/cve/CVE-2010-2805.html http://support.novell.com/security/cve/CVE-2010-3053.html http://support.novell.com/security/cve/CVE-2010-3054.html http://support.novell.com/security/cve/CVE-2010-3311.html http://support.novell.com/security/cve/CVE-2010-3814.html http://support.novell.com/security/cve/CVE-2010-3855.html http://support.novell.com/security/cve/CVE-2011-2895.html http://support.novell.com/security/cve/CVE-2011-3256.html http://support.novell.com/security/cve/CVE-2011-3439.html http://support.novell.com/security/cve/CVE-2012-1126.html http://support.novell.com/security/cve/CVE-2012-1127.html http://support.novell.com/security/cve/CVE-2012-1129.html http://support.novell.com/security/cve/CVE-2012-1130.html http://support.novell.com/security/cve/CVE-2012-1131.html http://support.novell.com/security/cve/CVE-2012-1132.html http://support.novell.com/security/cve/CVE-2012-1133.html http://support.novell.com/security/cve/CVE-2012-1134.html http://support.novell.com/security/cve/CVE-2012-1135.html http://support.novell.com/security/cve/CVE-2012-1136.html http://support.novell.com/security/cve/CVE-2012-1137.html http://support.novell.com/security/cve/CVE-2012-1138.html http://support.novell.com/security/cve/CVE-2012-1139.html http://support.novell.com/security/cve/CVE-2012-1141.html http://support.novell.com/security/cve/CVE-2012-1142.html http://support.novell.com/security/cve/CVE-2012-1143.html https://bugzilla.novell.com/619562 https://bugzilla.novell.com/628213 https://bugzilla.novell.com/629447 https://bugzilla.novell.com/633938 https://bugzilla.novell.com/633943 https://bugzilla.novell.com/635692 https://bugzilla.novell.com/647375 https://bugzilla.novell.com/709851 https://bugzilla.novell.com/728044 https://bugzilla.novell.com/730124 https://bugzilla.novell.com/750937 https://bugzilla.novell.com/750938 https://bugzilla.novell.com/750939 https://bugzilla.novell.com/750940 https://bugzilla.novell.com/750941 https://bugzilla.novell.com/750943 https://bugzilla.novell.com/750945 https://bugzilla.novell.com/750946 https://bugzilla.novell.com/750947 https://bugzilla.novell.com/750948 https://bugzilla.novell.com/750949 https://bugzilla.novell.com/750950 https://bugzilla.novell.com/750951 https://bugzilla.novell.com/750952 https://bugzilla.novell.com/750953 https://bugzilla.novell.com/750955 http://download.novell.com/patch/finder/?keywords=7476e36... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds