ELSA-2015-0696

Описание

[2.3.11-15.el6_6.1]

• Fixes CVE-2014-9657
  • Check minimum size of record_size.
• Fixes CVE-2014-9658
  • Use correct value for minimum table length test.
• Fixes CVE-2014-9675
  • New macro that checks one character more than strncmp.
• Fixes CVE-2014-9660
  • Check _BDF_GLYPH_BITS.
• Fixes CVE-2014-9661
  • Initialize face->ttf_size.
  • Always set face->ttf_size directly.
  • Exclusively use the truetype font driver for loading the font contained in the sfnts array.
• Fixes CVE-2014-9663
  • Fix order of validity tests.
• Fixes CVE-2014-9664
  • Add another boundary testing.
  • Fix boundary testing.
• Fixes CVE-2014-9667
  • Protect against addition overflow.
• Fixes CVE-2014-9669
  • Protect against overflow in additions and multiplications.
• Fixes CVE-2014-9670
  • Add sanity checks for row and column values.
• Fixes CVE-2014-9671
  • Check size and offset values.
• Fixes CVE-2014-9673
  • Fix integer overflow by a broken POST table in resource-fork.
• Fixes CVE-2014-9674
  • Fix integer overflow by a broken POST table in resource-fork.
  • Additional overflow check in the summation of POST fragment lengths.
• Work around behaviour of X11s pcfWriteFont and pcfReadFont functions
• Resolves: #1197737

[2.3.11-15]

• Fix CVE-2012-5669 (Use correct array size for checking glyph_enc)
• Resolves: #903543