freetype-2.2.1-28.0.1.AXS3
Errata ID: AXSA:2010-460:03
Release date:
2010/10/14 Thursday - 15:24
Title:
freetype-2.2.1-28.0.1.AXS3
Affected channels:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
The following issues have been addressed.
[Security Fix]
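- An array index error exists in t42_parse_sfnts in FreeType; negative size values for certain strings in FontType42 font files may allow a remote attacker to cause a denial of service (application crash) or execute arbitrary code. (CVE-2010-2806)
- A buffer overflow exists in the Mac_Read_POST_Resource function in FreeType; a crafted Adobe Type 1 Mac font file may allow a remote attacker to cause a denial of service (memory corruption and application crash) or execute arbitrary code. (CVE-2010-2808)
- FreeType has a vulnerability that allows a remote attacker to cause a denial of service via nested Standard Encoding Accented Character calls. (CVE-2010-3054)
Information on CVE-2010-3311 has not been published at this time.
We will update this information as soon as the CVE information is published.
Some of the CVE translations are quoted from JVN.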
http://jvndb.jvn.jp/
Solution:
Update the package.
CVE:
CVE-2010-2806
Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow.
CVE-2010-2808
Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font.
CVE-2010-3054
Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attackers to cause a denial of service via vectors involving nested Standard Encoding Accented Character (aka seac) calls, related to psaux.h, cffgload.c, cffgload.h, and t1decode.c.
CVE-2010-3311
Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an "input stream position error" issue, a different vulnerability than CVE-2010-1797.
Additional information:
N/A
Downloads:
SRPMS
- freetype-2.2.1-28.0.1.AXS3.src.rpm
MD5: de7c1956be9eb13209f6d0975effd30e
SHA-256: 0c178817d32a5b332b7e262e7016d8580203cbad316303fd6488b2cf95541c92
Size: 1.43 MB
Asianux Server 3 for x86
- freetype-2.2.1-28.0.1.AXS3.i386.rpm
MD5: a0f91c0251ff336f055362ae035e6ab4
SHA-256: 6955649bf213be0e5c7d3acb2837e2a26b368635ac9cde6a2da6399a824a4757
Size: 604.08 kB
- freetype-demos-2.2.1-28.0.1.AXS3.i386.rpm
MD5: 98106a0420005e826e81758eca27bf9c
SHA-256: c49a3a8537a6e3e0fabfb7563f19dcdf1379e97a023fa0bff9f7a078e2406ff8
Size: 154.70 kB
- freetype-devel-2.2.1-28.0.1.AXS3.i386.rpm
MD5: 64d351c0eefab708bcf803dfaf607393
SHA-256: 6310dfbcd7257ec0af43148c03c72f7859b3520d8abf16808953d695c677b1bc
Size: 149.57 kB
Asianux Server 3 for x86_64
- freetype-2.2.1-28.0.1.AXS3.x86_64.rpm
MD5: dc702c8e62c68e4ce022699c12ef173e
SHA-256: 925ade5d6b499a7bb0921c8c3041234190652aab848ed950ab0b4cb0f2d870f0
Size: 601.92 kB
- freetype-demos-2.2.1-28.0.1.AXS3.x86_64.rpm
MD5: 3244e6626980faab7e01d94b8fb5016b
SHA-256: 4db11e55a2ad38f65107c6abe1dd1627782c78cb51c7d0595417ebcc6908fab1
Size: 162.74 kB
- freetype-devel-2.2.1-28.0.1.AXS3.x86_64.rpm
MD5: d6e0061bb260c411378d8b9bba6ba4a8
SHA-256: 80c3cd075d3130a79a5d3912be3791ca54561d6b965d1f2b58d372bee91b6a97
Size: 149.56 kB