-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-2116-1                     [email protected]
http://www.debian.org/security/                           Stefan Fritsch
October 4, 2010                       http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : freetype
Vulnerability : integer overflow
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2010-3311

Marc Schoenefeld has found an input stream position error in the
way the FreeType font rendering engine processed input file streams.
If a user loaded a specially-crafted font file with an application
linked against FreeType and relevant font glyphs were subsequently
rendered with the X FreeType library (libXft), it could cause the
application to crash or, possibly, execute arbitrary code.

After the upgrade, all running applications and services that use
libfreetype6 should be restarted. In most cases, logging out and
in again should be enough. The script checkrestart from the
debian-goodies package or lsof may help to find out which
processes are still using the old version of libfreetype6.
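
The check described above can also be made directly against /proc. The
script below is an added example, not part of the original advisory; the
sample /proc tree, its PIDs, process names and library path are constructed
for illustration.

```shell
#!/bin/sh
# When dpkg replaces libfreetype6, the old library file is unlinked; processes
# that still map it show the path with a " (deleted)" suffix in /proc/PID/maps.

# stale_lib_pids [PROC_ROOT] [LIB_SUBSTRING]
# Prints "PID NAME" for every process still mapping a deleted copy of the
# library. PROC_ROOT is a parameter only so a constructed tree can be scanned.
stale_lib_pids() {
    proc_root=${1:-/proc}
    lib=${2:-libfreetype.so}
    for dir in "$proc_root"/[0-9]*; do
        [ -r "$dir/maps" ] || continue   # process exited or not readable
        # Match only lines naming the library AND ending in "(deleted)".
        if awk -v lib="$lib" '
               index($0, lib) && / \(deleted\)$/ { found = 1; exit }
               END { exit !found }' "$dir/maps" 2>/dev/null
        then
            name=$(sed -n 's/^Name:[[:space:]]*//p' "$dir/status" 2>/dev/null)
            printf '%s %s\n' "${dir##*/}" "${name:-?}"
        fi
    done
}

# Constructed sample: PID 101 maps the old (deleted) library, PID 202 was
# started after the upgrade and maps the new file.
make_sample_proc() {
    root=$(mktemp -d) || return 1
    mkdir "$root/101" "$root/202"
    printf 'Name:\txterm\n' > "$root/101/status"
    printf '%s\n' 'b7e00000-b7e6f000 r-xp 00000000 08:01 1234 /usr/lib/libfreetype.so.6.3.18 (deleted)' > "$root/101/maps"
    printf 'Name:\tcron\n' > "$root/202/status"
    printf '%s\n' 'b7d00000-b7d6f000 r-xp 00000000 08:01 5678 /usr/lib/libfreetype.so.6.3.18' > "$root/202/maps"
    printf '%s\n' "$root"
}

sample=$(make_sample_proc)
stale_lib_pids "$sample"        # prints: 101 xterm
rm -rf "$sample"
# On a real system, run as root so every maps file is readable: stale_lib_pids
```
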

For the stable distribution (lenny), these problems have been fixed in
version 2.3.7-2+lenny4.

The testing distribution (squeeze) and the unstable distribution (sid)
are not affected by this problem.

We recommend that you upgrade your freetype packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny (stable)
- -----------------------------------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
[continued in next message]