freetype-2.9.1-9.el8

エラータID: AXSA:2022-4133:01

Release date: 
Thursday, November 24, 2022 - 11:58
Subject: 
freetype-2.9.1-9.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently.

Security Fix(es):

* FreeType: Buffer overflow in sfnt_init_face (CVE-2022-27404)
* FreeType: Segmentation violation via FNT_Size_Request (CVE-2022-27405)
* Freetype: Segmentation violation via FT_Request_Size (CVE-2022-27406)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-27404
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.
CVE-2022-27405
FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.
CVE-2022-27406
FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.

Solution: 

Update packages.

CVEs: 
CVE-2022-27404
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.
CVE-2022-27405
FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.
CVE-2022-27406
FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.
Additional Info: 

N/A

Download: 

SRPMS
  1. freetype-2.9.1-9.el8.src.rpm
    MD5: c4f6338283bb9bc03c46a6758dba0839
    SHA-256: 62d495234549be40c6d8f733589608d17b57aa9f8c0b60fe032510b911866824
    Size: 4.14 MB

Asianux Server 8 for x86_64
  1. freetype-2.9.1-9.el8.x86_64.rpm
    MD5: 980d4023aa9801607cbe7f5acfaf34df
    SHA-256: 68929671abd2c8e5543fc130e0cbdb14a7cce90b671ca6db12c03be7e0516237
    Size: 392.81 kB
  2. freetype-devel-2.9.1-9.el8.x86_64.rpm
    MD5: 5f2f315053578ddf11f2a3abc6ce318b
    SHA-256: a209286940f156fa68a8e2057d2d403b4ea15df7a5349330b35fe365e57b7f35
    Size: 463.45 kB
  3. freetype-2.9.1-9.el8.i686.rpm
    MD5: 7f50d5696337837ef782c0f5650a58e7
    SHA-256: 0d9dcfe306c644d8df64eab2d0eb4737460e6e03eff85b5f159032c572051366
    Size: 410.46 kB
  4. freetype-devel-2.9.1-9.el8.i686.rpm
    MD5: f81dea4c51ce3cc06cf9d7933b6ccb1b
    SHA-256: 695f6bec462a1eb21f37085f63b477369306410a204793b314ef5fe0e69b0750
    Size: 463.47 kB