Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2011-1085

Опубликовано: 21 июл. 2011
Источник: oracle-oval
Платформа: Oracle Linux 6

Описание

ELSA-2011-1085: freetype security update (IMPORTANT)

[2.3.11-6.el6_1.6]

  • A little change in configure part
  • Resolves: #723467

[2.3.11-6.el6_1.5]

  • Use -fno-strict-aliasing instead of attribute((may_alias))
  • Resolves: #723467

[2.3.11-6.el6_1.4]

  • Allow FT_Glyph to alias (to pass Rpmdiff)
  • Resolves: #723467

[2.3.11-6.el6_1.3]

  • Add freetype-2.3.11-CVE-2011-0226.patch (Add better argument check for 'callothersubr'.)
    • based on patches by Werner Lemberg, Alexei Podtelezhnikov and Matthias Drochner
  • Resolves: #723467

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

freetype

2.3.11-6.el6_1.6

freetype-demos

2.3.11-6.el6_1.6

freetype-devel

2.3.11-6.el6_1.6

Oracle Linux i686

freetype

2.3.11-6.el6_1.6

freetype-demos

2.3.11-6.el6_1.6

freetype-devel

2.3.11-6.el6_1.6

Связанные CVE

CVE-2011-0226

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2011-0226

ubuntu
почти 14 лет назад

Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.

redhat логотип

CVE-2011-0226

redhat
почти 14 лет назад

Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.

nvd логотип

CVE-2011-0226

nvd
почти 14 лет назад

Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.

debian логотип

CVE-2011-0226

debian
почти 14 лет назад

Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, ...

github логотип

GHSA-85gm-r6vh-gfc5

github
около 3 лет назад

Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.