RHSA-2009:0329: Important: freetype security update

First published: Fri May 22 2009(Updated: )

FreeType is a free, high-quality, portable font engine that can open and<br>manage font files. It also loads, hints, and renders individual glyphs<br>efficiently. These packages provide both the FreeType 1 and FreeType 2<br>font engines.<br>Tavis Ormandy of the Google Security Team discovered several integer<br>overflow flaws in the FreeType 2 font engine. If a user loaded a<br>carefully-crafted font file with an application linked against FreeType 2,<br>it could cause the application to crash or, possibly, execute arbitrary<br>code with the privileges of the user running the application.<br>(CVE-2009-0946)<br>Chris Evans discovered multiple integer overflow flaws in the FreeType font<br>engine. If a user loaded a carefully-crafted font file with an application<br>linked against FreeType, it could cause the application to crash or,<br>possibly, execute arbitrary code with the privileges of the user running<br>the application. (CVE-2006-1861)<br>An integer overflow flaw was found in the way the FreeType font engine<br>processed TrueType® Font (TTF) files. If a user loaded a carefully-crafted<br>font file with an application linked against FreeType, it could cause the<br>application to crash or, possibly, execute arbitrary code with the<br>privileges of the user running the application. (CVE-2007-2754)<br>A flaw was discovered in the FreeType TTF font-file format parser when the<br>TrueType virtual machine Byte Code Interpreter (BCI) is enabled. If a user<br>loaded a carefully-crafted font file with an application linked against<br>FreeType, it could cause the application to crash or, possibly, execute<br>arbitrary code with the privileges of the user running the application.<br>(CVE-2008-1808)<br>The CVE-2008-1808 flaw did not affect the freetype packages as distributed<br>in Red Hat Enterprise Linux 3 and 4, as they are not compiled with TrueType<br>BCI support. A fix for this flaw has been included in this update as users<br>may choose to recompile the freetype packages in order to enable TrueType<br>BCI support. Red Hat does not, however, provide support for modified and<br>recompiled packages.<br>Note: For the FreeType 2 font engine, the CVE-2006-1861, CVE-2007-2754,<br>and CVE-2008-1808 flaws were addressed via RHSA-2006:0500, RHSA-2007:0403,<br>and RHSA-2008:0556 respectively. This update provides corresponding<br>updates for the FreeType 1 font engine, included in the freetype packages<br>distributed in Red Hat Enterprise Linux 3 and 4.<br>Users are advised to upgrade to these updated packages, which contain<br>backported patches to correct these issues. The X server must be restarted<br>(log out, then log back in) for this update to take effect.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/description
• agent/event
• agent/first-publish-date
• agent/last-modified-date
• agent/references
• agent/remedy
• agent/severity
• agent/softwarecombine
• agent/tags
• agent/title
• agent/type
• agent/weakness
• collector/redhat-errata
• source/Red Hat
• anchor-id/RHSA-2009:0329
• agent/software-canonical-lookup
• package-manager/redhat