Skip to navigation

Security Advisory Important: freetype security update

Advisory: RHSA-2010:0737-1
Type: Security Advisory
Severity: Important
Issued on: 2010-10-04
Last updated on: 2010-10-04
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.8.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.8.z)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2010-2806
CVE-2010-2808
CVE-2010-3054
CVE-2010-3311

Details

Updated freetype packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 4 and 5.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

FreeType is a free, high-quality, portable font engine that can open and
manage font files. It also loads, hints, and renders individual glyphs
efficiently. The freetype packages for Red Hat Enterprise Linux 4 provide
both the FreeType 1 and FreeType 2 font engines. The freetype packages for
Red Hat Enterprise Linux 5 provide only the FreeType 2 font engine.

It was discovered that the FreeType font rendering engine improperly
validated certain position values when processing input streams. If a user
loaded a specially-crafted font file with an application linked against
FreeType, and the relevant font glyphs were subsequently rendered with the
X FreeType library (libXft), it could trigger a heap-based buffer overflow
in the libXft library, causing the application to crash or, possibly,
execute arbitrary code with the privileges of the user running the
application. (CVE-2010-3311)

A stack-based buffer overflow flaw was found in the way the FreeType font
rendering engine processed some PostScript Type 1 fonts. If a user loaded a
specially-crafted font file with an application linked against FreeType, it
could cause the application to crash or, possibly, execute arbitrary code
with the privileges of the user running the application. (CVE-2010-2808)

An array index error was found in the way the FreeType font rendering
engine processed certain PostScript Type 42 font files. If a user loaded a
specially-crafted font file with an application linked against FreeType, it
could cause the application to crash or, possibly, execute arbitrary code
with the privileges of the user running the application. (CVE-2010-2806)

A stack overflow flaw was found in the way the FreeType font rendering
engine processed PostScript Type 1 font files that contain nested Standard
Encoding Accented Character (seac) calls. If a user loaded a
specially-crafted font file with an application linked against FreeType, it
could cause the application to crash. (CVE-2010-3054)

Note: All of the issues in this erratum only affect the FreeType 2 font
engine.

Users are advised to upgrade to these updated packages, which contain
backported patches to correct these issues. The X server must be restarted
(log out, then log back in) for this update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)

IA-32:
freetype-demos-2.2.1-28.el5_5.i386.rpm
File outdated by:  RHSA-2013:0216
    MD5: ad75e19cc5acc3f9b1d2681f2673e86f
SHA-256: 4bd1fae07b45dac0b32861a3ac84c995ba431125b6610d489924b0e3269c8334
freetype-devel-2.2.1-28.el5_5.i386.rpm
File outdated by:  RHSA-2013:0216
    MD5: e18c8bb773f312643c0c7a1cd4c1183a
SHA-256: eec67611bb972cb7269622feb710bff32d5b042d99087648316804f9df5c2110
 
x86_64:
freetype-demos-2.2.1-28.el5_5.x86_64.rpm
File outdated by:  RHSA-2013:0216
    MD5: df390c41a22c4cc9bc7d997b03306f4d
SHA-256: 8b234f46de6854d818e7de89cd75ef84656d6c8591d9e14203c80a1254128d70
freetype-devel-2.2.1-28.el5_5.i386.rpm
File outdated by:  RHSA-2013:0216
    MD5: e18c8bb773f312643c0c7a1cd4c1183a
SHA-256: eec67611bb972cb7269622feb710bff32d5b042d99087648316804f9df5c2110
freetype-devel-2.2.1-28.el5_5.x86_64.rpm
File outdated by:  RHSA-2013:0216
    MD5: 19deab2251754de8a8ce69805f63114d
SHA-256: ad3c6da3a7628daba95cfd1e03420bff51c3fe25188bba253b584302b4928cd1
 
Red Hat Desktop (v. 4)

IA-32:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-demos-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 4c7f682c769f8f27b2f7d99876d31be9
SHA-256: e7b4fc265b596ac10d97851823d472e91a0c75690a589946bd153492032c97a9
freetype-devel-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: aa9e22f175f1e44d1d6e7b8556ef9f0e
SHA-256: c399762b812f0e7cb7addb8550a01708c7be6f40b0473fa9ce473e80be2dad49
freetype-utils-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 1133aa4f67b25bf79993407dc74e1371
SHA-256: db015166df93a302155c969e88b70b4211f9ea13d55851376b83a0bab73cda85
 
x86_64:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 9cda02e28c53121b0f2d3564d4477c1e
SHA-256: 56e33edebce3179b222b2725d197018195d5a4f66564fbbbf2fca00ad3278502
freetype-demos-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 044fa3680892ca61c27463bac18c0159
SHA-256: f561984100870302b36d381300b4bdfbec88f612d323b6891dbabfdf0d6213b9
freetype-devel-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: bb07f0f7577268015eeef0b40589e84c
SHA-256: 5c256affc9e2a2e513aff44bf3d4cbddb5bd15742bd072b362b19d0541e3f71b
freetype-utils-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: cb1b6e6f2c2f1bd3ec75417cb9e62645
SHA-256: 855ceea17662b680c6d245df529330816f5970664a23927ac3df2850b1a22aca
 
Red Hat Enterprise Linux (v. 5 server)

IA-32:
freetype-2.2.1-28.el5_5.i386.rpm
File outdated by:  RHSA-2013:0216
    MD5: 075544dc06c98291704026b688bf214d
SHA-256: 37f24e1ed93517bf1427b28f4b7903201cf656585dffda44670b2a00fb23eaa2
freetype-demos-2.2.1-28.el5_5.i386.rpm
File outdated by:  RHSA-2013:0216
    MD5: ad75e19cc5acc3f9b1d2681f2673e86f
SHA-256: 4bd1fae07b45dac0b32861a3ac84c995ba431125b6610d489924b0e3269c8334
freetype-devel-2.2.1-28.el5_5.i386.rpm
File outdated by:  RHSA-2013:0216
    MD5: e18c8bb773f312643c0c7a1cd4c1183a
SHA-256: eec67611bb972cb7269622feb710bff32d5b042d99087648316804f9df5c2110
 
IA-64:
freetype-2.2.1-28.el5_5.i386.rpm
File outdated by:  RHSA-2013:0216
    MD5: 075544dc06c98291704026b688bf214d
SHA-256: 37f24e1ed93517bf1427b28f4b7903201cf656585dffda44670b2a00fb23eaa2
freetype-2.2.1-28.el5_5.ia64.rpm
File outdated by:  RHSA-2013:0216
    MD5: d70ec37c558ca9c2a1ff2e7fd419a665
SHA-256: 49d68328c53e873fd3869fc5b07167846f3eddd08a23674d78a20c4f0be7dd62
freetype-demos-2.2.1-28.el5_5.ia64.rpm
File outdated by:  RHSA-2013:0216
    MD5: 3a08817a6d528f6b302207942487182b
SHA-256: fbfcfbc53c585c452197e6f05edaeca77d12b9f96ffd44bc14a338aba91743b4
freetype-devel-2.2.1-28.el5_5.ia64.rpm
File outdated by:  RHSA-2013:0216
    MD5: ffe0aeda22fdcabfecbb65f1f6fba866
SHA-256: a64342e2fe7ff2edafbd84f975c0108acfc99ec5bb27e3f7dc3c3253a4c95469
 
PPC:
freetype-2.2.1-28.el5_5.ppc.rpm
File outdated by:  RHSA-2013:0216
    MD5: 2792e36e16a26328879a4c3ea191abad
SHA-256: 6f9935e110f2ef03e36dc347896e13d6348edabdc3f00bec711f8d33fa992ea5
freetype-2.2.1-28.el5_5.ppc64.rpm
File outdated by:  RHSA-2013:0216
    MD5: 4f419c2282e849518a59b62a33baa79d
SHA-256: 51c528c93339c37d35b5c306ac1cb0e4d4bec933993cc8da9a0965dc0f5f5e3c
freetype-demos-2.2.1-28.el5_5.ppc.rpm
File outdated by:  RHSA-2013:0216
    MD5: 8fbd83c21cd4757e6bb8a8567c99f949
SHA-256: 672b4cc552790148fa78fe624476b0b7d576dc10169df89db9b554e86e6c0c9d
freetype-devel-2.2.1-28.el5_5.ppc.rpm
File outdated by:  RHSA-2013:0216
    MD5: 406d18a2df7472a2b06315c5283fb3ab
SHA-256: e20802ffbf394c9ccbf1b52a0376825eb80c0cb057040b56711f02fd206a6428
freetype-devel-2.2.1-28.el5_5.ppc64.rpm
File outdated by:  RHSA-2013:0216
    MD5: c650a17ea18ada966ea0c4db16bc8687
SHA-256: 52e9a4f1f0f1fea1314d769f3bc851129c7e276589c5daa736917de027ae5a66
 
s390x:
freetype-2.2.1-28.el5_5.s390.rpm
File outdated by:  RHSA-2013:0216
    MD5: a2dbd324f15e1ccda4d4fddaa63c44e8
SHA-256: 133914a0f1991b4f2d97ac4cfbaff10220f6cebf9fc2ca6b6d8cdfe1b418029e
freetype-2.2.1-28.el5_5.s390x.rpm
File outdated by:  RHSA-2013:0216
    MD5: 80d3e9f537b27543a35f05706730f95d
SHA-256: 10418e7f0ed2a9209c71be71f61049233df0372092a86b8947d76cf8538451b6
freetype-demos-2.2.1-28.el5_5.s390x.rpm
File outdated by:  RHSA-2013:0216
    MD5: 4e3e448b9d4e4f360524feb69cb1490a
SHA-256: c3281ab7cceb5364b72c0eef7c8ac8833d66871d932a7b3856efed8d6596f49f
freetype-devel-2.2.1-28.el5_5.s390.rpm
File outdated by:  RHSA-2013:0216
    MD5: 118aa52dd255b407dc509506e0e0446c
SHA-256: 21c953038080536bc2652d5a0de572cfa2d6ebc4d61509b88bbd5ea72688bc72
freetype-devel-2.2.1-28.el5_5.s390x.rpm
File outdated by:  RHSA-2013:0216
    MD5: f1f5cd4c2709da215fbb0443f0766b26
SHA-256: 44e2dc9b169745831d14f5b45debda8215ac3f1105a0c9eeec9cde010bc73643
 
x86_64:
freetype-2.2.1-28.el5_5.i386.rpm
File outdated by:  RHSA-2013:0216
    MD5: 075544dc06c98291704026b688bf214d
SHA-256: 37f24e1ed93517bf1427b28f4b7903201cf656585dffda44670b2a00fb23eaa2
freetype-2.2.1-28.el5_5.x86_64.rpm
File outdated by:  RHSA-2013:0216
    MD5: 1ff2ee39184def2f61038d72f0a1bebb
SHA-256: 160ed3716c02771cf5becf79160a41b0b97d9070658287dfc3b0ceed613ac05a
freetype-demos-2.2.1-28.el5_5.x86_64.rpm
File outdated by:  RHSA-2013:0216
    MD5: df390c41a22c4cc9bc7d997b03306f4d
SHA-256: 8b234f46de6854d818e7de89cd75ef84656d6c8591d9e14203c80a1254128d70
freetype-devel-2.2.1-28.el5_5.i386.rpm
File outdated by:  RHSA-2013:0216
    MD5: e18c8bb773f312643c0c7a1cd4c1183a
SHA-256: eec67611bb972cb7269622feb710bff32d5b042d99087648316804f9df5c2110
freetype-devel-2.2.1-28.el5_5.x86_64.rpm
File outdated by:  RHSA-2013:0216
    MD5: 19deab2251754de8a8ce69805f63114d
SHA-256: ad3c6da3a7628daba95cfd1e03420bff51c3fe25188bba253b584302b4928cd1
 
Red Hat Enterprise Linux AS (v. 4)

IA-32:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-demos-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 4c7f682c769f8f27b2f7d99876d31be9
SHA-256: e7b4fc265b596ac10d97851823d472e91a0c75690a589946bd153492032c97a9
freetype-devel-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: aa9e22f175f1e44d1d6e7b8556ef9f0e
SHA-256: c399762b812f0e7cb7addb8550a01708c7be6f40b0473fa9ce473e80be2dad49
freetype-utils-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 1133aa4f67b25bf79993407dc74e1371
SHA-256: db015166df93a302155c969e88b70b4211f9ea13d55851376b83a0bab73cda85
 
IA-64:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 578084c82c07e1bf7d62763fd8aa9c31
SHA-256: a6a19f98091e88203b30ff17278e7e154e067411f8f9a6f0c5ecc51b359a0e4b
freetype-demos-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 12458ce0fc45df20131f7325c6642a95
SHA-256: 10edd7586b5551c8d552f1720471c8ae47be9398a83454d96de30b104d5a259f
freetype-devel-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 1770752e670bf87573492cf507499ff4
SHA-256: 0135fc695914d1b486aae917a76a9883f91427dacecc07e81d95da5bd9a5f13e
freetype-utils-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 21e71e1a50d028e48898a6335213cbce
SHA-256: 762117fb47410641a73517da66a31bba1613d78883f83ed3542f75ca447bcac1
 
PPC:
freetype-2.1.9-17.el4.8.ppc.rpm
File outdated by:  RHSA-2011:1455
    MD5: 1e113dd75c5b205774452ae53b4abea8
SHA-256: 372cee05e098464f6621cc2c46af6ecbc6fc895a36d631419fb5f3a596614edb
freetype-2.1.9-17.el4.8.ppc64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 4d4e5bb753d06d69526ade6c7de07dc2
SHA-256: 1522831ca5ec329b2f89936f0eb2dad9f3d153a2b52918ea9ef18e49ce1ee5b9
freetype-demos-2.1.9-17.el4.8.ppc.rpm
File outdated by:  RHSA-2011:1455
    MD5: c02fbcf7f943561308a4ec0094b8a7d5
SHA-256: a0aa744177bc18192cec682aa849852461e236e02bded336fb817101fbd9fa1d
freetype-devel-2.1.9-17.el4.8.ppc.rpm
File outdated by:  RHSA-2011:1455
    MD5: 18a8d439daeaf0434838386fb52344ed
SHA-256: 00e23652a6d6c63fe7ec781f6163b777b168c834f9245c6eddaaf590c586fe3f
freetype-utils-2.1.9-17.el4.8.ppc.rpm
File outdated by:  RHSA-2011:1455
    MD5: dbd97f3dd432d685fd003618ee398d03
SHA-256: a8f3d86e13181a9699a09bf9b2f9284af332eb7dcf6a008d65f4e5699da4a35f
 
s390:
freetype-2.1.9-17.el4.8.s390.rpm
File outdated by:  RHSA-2011:1455
    MD5: 22d32f3fdc619066016ca33b45742630
SHA-256: 48011fca4af4254afa04f6472cf3d326e8344c1c0958b6d7d2f47badbfe42abf
freetype-demos-2.1.9-17.el4.8.s390.rpm
File outdated by:  RHSA-2011:1455
    MD5: 1756cb6e2b1dc8cf3e249871e9aadcd0
SHA-256: 6cff4dc437ed1d77cb8261dd7653d33698f013aac00dd38ec1f2fa16c003693b
freetype-devel-2.1.9-17.el4.8.s390.rpm
File outdated by:  RHSA-2011:1455
    MD5: b652e5b4c209fc452a766da8e5fa35cf
SHA-256: f2868b10c4360ab95bee842d46a96d4dd87652a0a0836d10b8d3dffdd3dbead2
freetype-utils-2.1.9-17.el4.8.s390.rpm
File outdated by:  RHSA-2011:1455
    MD5: 05f9fb7a9fc62f81bf8d767434b7d8bb
SHA-256: e597229596493b81046d23049a2610d8c27cfa48469811118337e8437dc5aa00
 
s390x:
freetype-2.1.9-17.el4.8.s390.rpm
File outdated by:  RHSA-2011:1455
    MD5: 22d32f3fdc619066016ca33b45742630
SHA-256: 48011fca4af4254afa04f6472cf3d326e8344c1c0958b6d7d2f47badbfe42abf
freetype-2.1.9-17.el4.8.s390x.rpm
File outdated by:  RHSA-2011:1455
    MD5: a20d7afc59fd11ee31429e41fca89eaa
SHA-256: dfa4ee87d4fb9c107ffb56255a5fb9f4c5f6b5decff11e5ddfc50aa5f89e355b
freetype-demos-2.1.9-17.el4.8.s390x.rpm
File outdated by:  RHSA-2011:1455
    MD5: 7d31e34effbf123d486dff1232dccf96
SHA-256: c655978dd7ad77b43f9be87dafeb6a4551c16c309a346b27ad97330cba14f479
freetype-devel-2.1.9-17.el4.8.s390x.rpm
File outdated by:  RHSA-2011:1455
    MD5: 77cb35081494a9e5cbce51b459d0ce9f
SHA-256: c010ac917fe176054366a5fe433fb2ed57503af5b80c3c0613f499f1166e4c3f
freetype-utils-2.1.9-17.el4.8.s390x.rpm
File outdated by:  RHSA-2011:1455
    MD5: f9156872304653c895c4195238b8ac4d
SHA-256: 9704628329bf08ac3c750a64a0428a74dd4904fc142c5262d6e700dee2d8783d
 
x86_64:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 9cda02e28c53121b0f2d3564d4477c1e
SHA-256: 56e33edebce3179b222b2725d197018195d5a4f66564fbbbf2fca00ad3278502
freetype-demos-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 044fa3680892ca61c27463bac18c0159
SHA-256: f561984100870302b36d381300b4bdfbec88f612d323b6891dbabfdf0d6213b9
freetype-devel-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: bb07f0f7577268015eeef0b40589e84c
SHA-256: 5c256affc9e2a2e513aff44bf3d4cbddb5bd15742bd072b362b19d0541e3f71b
freetype-utils-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: cb1b6e6f2c2f1bd3ec75417cb9e62645
SHA-256: 855ceea17662b680c6d245df529330816f5970664a23927ac3df2850b1a22aca
 
Red Hat Enterprise Linux AS (v. 4.8.z)

IA-32:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2010:0889
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-demos-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2010:0889
    MD5: 4c7f682c769f8f27b2f7d99876d31be9
SHA-256: e7b4fc265b596ac10d97851823d472e91a0c75690a589946bd153492032c97a9
freetype-devel-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2010:0889
    MD5: aa9e22f175f1e44d1d6e7b8556ef9f0e
SHA-256: c399762b812f0e7cb7addb8550a01708c7be6f40b0473fa9ce473e80be2dad49
freetype-utils-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2010:0889
    MD5: 1133aa4f67b25bf79993407dc74e1371
SHA-256: db015166df93a302155c969e88b70b4211f9ea13d55851376b83a0bab73cda85
 
IA-64:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2010:0889
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2010:0889
    MD5: 578084c82c07e1bf7d62763fd8aa9c31
SHA-256: a6a19f98091e88203b30ff17278e7e154e067411f8f9a6f0c5ecc51b359a0e4b
freetype-demos-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2010:0889
    MD5: 12458ce0fc45df20131f7325c6642a95
SHA-256: 10edd7586b5551c8d552f1720471c8ae47be9398a83454d96de30b104d5a259f
freetype-devel-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2010:0889
    MD5: 1770752e670bf87573492cf507499ff4
SHA-256: 0135fc695914d1b486aae917a76a9883f91427dacecc07e81d95da5bd9a5f13e
freetype-utils-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2010:0889
    MD5: 21e71e1a50d028e48898a6335213cbce
SHA-256: 762117fb47410641a73517da66a31bba1613d78883f83ed3542f75ca447bcac1
 
PPC:
freetype-2.1.9-17.el4.8.ppc.rpm
File outdated by:  RHSA-2010:0889
    MD5: 1e113dd75c5b205774452ae53b4abea8
SHA-256: 372cee05e098464f6621cc2c46af6ecbc6fc895a36d631419fb5f3a596614edb
freetype-2.1.9-17.el4.8.ppc64.rpm
File outdated by:  RHSA-2010:0889
    MD5: 4d4e5bb753d06d69526ade6c7de07dc2
SHA-256: 1522831ca5ec329b2f89936f0eb2dad9f3d153a2b52918ea9ef18e49ce1ee5b9
freetype-demos-2.1.9-17.el4.8.ppc.rpm
File outdated by:  RHSA-2010:0889
    MD5: c02fbcf7f943561308a4ec0094b8a7d5
SHA-256: a0aa744177bc18192cec682aa849852461e236e02bded336fb817101fbd9fa1d
freetype-devel-2.1.9-17.el4.8.ppc.rpm
File outdated by:  RHSA-2010:0889
    MD5: 18a8d439daeaf0434838386fb52344ed
SHA-256: 00e23652a6d6c63fe7ec781f6163b777b168c834f9245c6eddaaf590c586fe3f
freetype-utils-2.1.9-17.el4.8.ppc.rpm
File outdated by:  RHSA-2010:0889
    MD5: dbd97f3dd432d685fd003618ee398d03
SHA-256: a8f3d86e13181a9699a09bf9b2f9284af332eb7dcf6a008d65f4e5699da4a35f
 
s390:
freetype-2.1.9-17.el4.8.s390.rpm
File outdated by:  RHSA-2010:0889
    MD5: 22d32f3fdc619066016ca33b45742630
SHA-256: 48011fca4af4254afa04f6472cf3d326e8344c1c0958b6d7d2f47badbfe42abf
freetype-demos-2.1.9-17.el4.8.s390.rpm
File outdated by:  RHSA-2010:0889
    MD5: 1756cb6e2b1dc8cf3e249871e9aadcd0
SHA-256: 6cff4dc437ed1d77cb8261dd7653d33698f013aac00dd38ec1f2fa16c003693b
freetype-devel-2.1.9-17.el4.8.s390.rpm
File outdated by:  RHSA-2010:0889
    MD5: b652e5b4c209fc452a766da8e5fa35cf
SHA-256: f2868b10c4360ab95bee842d46a96d4dd87652a0a0836d10b8d3dffdd3dbead2
freetype-utils-2.1.9-17.el4.8.s390.rpm
File outdated by:  RHSA-2010:0889
    MD5: 05f9fb7a9fc62f81bf8d767434b7d8bb
SHA-256: e597229596493b81046d23049a2610d8c27cfa48469811118337e8437dc5aa00
 
s390x:
freetype-2.1.9-17.el4.8.s390.rpm
File outdated by:  RHSA-2010:0889
    MD5: 22d32f3fdc619066016ca33b45742630
SHA-256: 48011fca4af4254afa04f6472cf3d326e8344c1c0958b6d7d2f47badbfe42abf
freetype-2.1.9-17.el4.8.s390x.rpm
File outdated by:  RHSA-2010:0889
    MD5: a20d7afc59fd11ee31429e41fca89eaa
SHA-256: dfa4ee87d4fb9c107ffb56255a5fb9f4c5f6b5decff11e5ddfc50aa5f89e355b
freetype-demos-2.1.9-17.el4.8.s390x.rpm
File outdated by:  RHSA-2010:0889
    MD5: 7d31e34effbf123d486dff1232dccf96
SHA-256: c655978dd7ad77b43f9be87dafeb6a4551c16c309a346b27ad97330cba14f479
freetype-devel-2.1.9-17.el4.8.s390x.rpm
File outdated by:  RHSA-2010:0889
    MD5: 77cb35081494a9e5cbce51b459d0ce9f
SHA-256: c010ac917fe176054366a5fe433fb2ed57503af5b80c3c0613f499f1166e4c3f
freetype-utils-2.1.9-17.el4.8.s390x.rpm
File outdated by:  RHSA-2010:0889
    MD5: f9156872304653c895c4195238b8ac4d
SHA-256: 9704628329bf08ac3c750a64a0428a74dd4904fc142c5262d6e700dee2d8783d
 
x86_64:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2010:0889
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2010:0889
    MD5: 9cda02e28c53121b0f2d3564d4477c1e
SHA-256: 56e33edebce3179b222b2725d197018195d5a4f66564fbbbf2fca00ad3278502
freetype-demos-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2010:0889
    MD5: 044fa3680892ca61c27463bac18c0159
SHA-256: f561984100870302b36d381300b4bdfbec88f612d323b6891dbabfdf0d6213b9
freetype-devel-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2010:0889
    MD5: bb07f0f7577268015eeef0b40589e84c
SHA-256: 5c256affc9e2a2e513aff44bf3d4cbddb5bd15742bd072b362b19d0541e3f71b
freetype-utils-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2010:0889
    MD5: cb1b6e6f2c2f1bd3ec75417cb9e62645
SHA-256: 855ceea17662b680c6d245df529330816f5970664a23927ac3df2850b1a22aca
 
Red Hat Enterprise Linux Desktop (v. 5 client)

IA-32:
freetype-2.2.1-28.el5_5.i386.rpm
File outdated by:  RHSA-2013:0216
    MD5: 075544dc06c98291704026b688bf214d
SHA-256: 37f24e1ed93517bf1427b28f4b7903201cf656585dffda44670b2a00fb23eaa2
 
x86_64:
freetype-2.2.1-28.el5_5.i386.rpm
File outdated by:  RHSA-2013:0216
    MD5: 075544dc06c98291704026b688bf214d
SHA-256: 37f24e1ed93517bf1427b28f4b7903201cf656585dffda44670b2a00fb23eaa2
freetype-2.2.1-28.el5_5.x86_64.rpm
File outdated by:  RHSA-2013:0216
    MD5: 1ff2ee39184def2f61038d72f0a1bebb
SHA-256: 160ed3716c02771cf5becf79160a41b0b97d9070658287dfc3b0ceed613ac05a
 
Red Hat Enterprise Linux ES (v. 4)

IA-32:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-demos-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 4c7f682c769f8f27b2f7d99876d31be9
SHA-256: e7b4fc265b596ac10d97851823d472e91a0c75690a589946bd153492032c97a9
freetype-devel-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: aa9e22f175f1e44d1d6e7b8556ef9f0e
SHA-256: c399762b812f0e7cb7addb8550a01708c7be6f40b0473fa9ce473e80be2dad49
freetype-utils-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 1133aa4f67b25bf79993407dc74e1371
SHA-256: db015166df93a302155c969e88b70b4211f9ea13d55851376b83a0bab73cda85
 
IA-64:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 578084c82c07e1bf7d62763fd8aa9c31
SHA-256: a6a19f98091e88203b30ff17278e7e154e067411f8f9a6f0c5ecc51b359a0e4b
freetype-demos-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 12458ce0fc45df20131f7325c6642a95
SHA-256: 10edd7586b5551c8d552f1720471c8ae47be9398a83454d96de30b104d5a259f
freetype-devel-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 1770752e670bf87573492cf507499ff4
SHA-256: 0135fc695914d1b486aae917a76a9883f91427dacecc07e81d95da5bd9a5f13e
freetype-utils-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 21e71e1a50d028e48898a6335213cbce
SHA-256: 762117fb47410641a73517da66a31bba1613d78883f83ed3542f75ca447bcac1
 
x86_64:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 9cda02e28c53121b0f2d3564d4477c1e
SHA-256: 56e33edebce3179b222b2725d197018195d5a4f66564fbbbf2fca00ad3278502
freetype-demos-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 044fa3680892ca61c27463bac18c0159
SHA-256: f561984100870302b36d381300b4bdfbec88f612d323b6891dbabfdf0d6213b9
freetype-devel-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: bb07f0f7577268015eeef0b40589e84c
SHA-256: 5c256affc9e2a2e513aff44bf3d4cbddb5bd15742bd072b362b19d0541e3f71b
freetype-utils-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: cb1b6e6f2c2f1bd3ec75417cb9e62645
SHA-256: 855ceea17662b680c6d245df529330816f5970664a23927ac3df2850b1a22aca
 
Red Hat Enterprise Linux ES (v. 4.8.z)

IA-32:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2010:0889
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-demos-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2010:0889
    MD5: 4c7f682c769f8f27b2f7d99876d31be9
SHA-256: e7b4fc265b596ac10d97851823d472e91a0c75690a589946bd153492032c97a9
freetype-devel-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2010:0889
    MD5: aa9e22f175f1e44d1d6e7b8556ef9f0e
SHA-256: c399762b812f0e7cb7addb8550a01708c7be6f40b0473fa9ce473e80be2dad49
freetype-utils-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2010:0889
    MD5: 1133aa4f67b25bf79993407dc74e1371
SHA-256: db015166df93a302155c969e88b70b4211f9ea13d55851376b83a0bab73cda85
 
IA-64:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2010:0889
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2010:0889
    MD5: 578084c82c07e1bf7d62763fd8aa9c31
SHA-256: a6a19f98091e88203b30ff17278e7e154e067411f8f9a6f0c5ecc51b359a0e4b
freetype-demos-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2010:0889
    MD5: 12458ce0fc45df20131f7325c6642a95
SHA-256: 10edd7586b5551c8d552f1720471c8ae47be9398a83454d96de30b104d5a259f
freetype-devel-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2010:0889
    MD5: 1770752e670bf87573492cf507499ff4
SHA-256: 0135fc695914d1b486aae917a76a9883f91427dacecc07e81d95da5bd9a5f13e
freetype-utils-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2010:0889
    MD5: 21e71e1a50d028e48898a6335213cbce
SHA-256: 762117fb47410641a73517da66a31bba1613d78883f83ed3542f75ca447bcac1
 
x86_64:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2010:0889
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2010:0889
    MD5: 9cda02e28c53121b0f2d3564d4477c1e
SHA-256: 56e33edebce3179b222b2725d197018195d5a4f66564fbbbf2fca00ad3278502
freetype-demos-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2010:0889
    MD5: 044fa3680892ca61c27463bac18c0159
SHA-256: f561984100870302b36d381300b4bdfbec88f612d323b6891dbabfdf0d6213b9
freetype-devel-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2010:0889
    MD5: bb07f0f7577268015eeef0b40589e84c
SHA-256: 5c256affc9e2a2e513aff44bf3d4cbddb5bd15742bd072b362b19d0541e3f71b
freetype-utils-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2010:0889
    MD5: cb1b6e6f2c2f1bd3ec75417cb9e62645
SHA-256: 855ceea17662b680c6d245df529330816f5970664a23927ac3df2850b1a22aca
 
Red Hat Enterprise Linux WS (v. 4)

IA-32:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-demos-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 4c7f682c769f8f27b2f7d99876d31be9
SHA-256: e7b4fc265b596ac10d97851823d472e91a0c75690a589946bd153492032c97a9
freetype-devel-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: aa9e22f175f1e44d1d6e7b8556ef9f0e
SHA-256: c399762b812f0e7cb7addb8550a01708c7be6f40b0473fa9ce473e80be2dad49
freetype-utils-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 1133aa4f67b25bf79993407dc74e1371
SHA-256: db015166df93a302155c969e88b70b4211f9ea13d55851376b83a0bab73cda85
 
IA-64:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 578084c82c07e1bf7d62763fd8aa9c31
SHA-256: a6a19f98091e88203b30ff17278e7e154e067411f8f9a6f0c5ecc51b359a0e4b
freetype-demos-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 12458ce0fc45df20131f7325c6642a95
SHA-256: 10edd7586b5551c8d552f1720471c8ae47be9398a83454d96de30b104d5a259f
freetype-devel-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 1770752e670bf87573492cf507499ff4
SHA-256: 0135fc695914d1b486aae917a76a9883f91427dacecc07e81d95da5bd9a5f13e
freetype-utils-2.1.9-17.el4.8.ia64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 21e71e1a50d028e48898a6335213cbce
SHA-256: 762117fb47410641a73517da66a31bba1613d78883f83ed3542f75ca447bcac1
 
x86_64:
freetype-2.1.9-17.el4.8.i386.rpm
File outdated by:  RHSA-2011:1455
    MD5: 504aca46dcd88e1228f1aa26ed36458b
SHA-256: 2e2e2c773c1dff09b00b53a392d0bd3d733abe49677e7526a924983c0a3c53b7
freetype-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 9cda02e28c53121b0f2d3564d4477c1e
SHA-256: 56e33edebce3179b222b2725d197018195d5a4f66564fbbbf2fca00ad3278502
freetype-demos-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: 044fa3680892ca61c27463bac18c0159
SHA-256: f561984100870302b36d381300b4bdfbec88f612d323b6891dbabfdf0d6213b9
freetype-devel-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: bb07f0f7577268015eeef0b40589e84c
SHA-256: 5c256affc9e2a2e513aff44bf3d4cbddb5bd15742bd072b362b19d0541e3f71b
freetype-utils-2.1.9-17.el4.8.x86_64.rpm
File outdated by:  RHSA-2011:1455
    MD5: cb1b6e6f2c2f1bd3ec75417cb9e62645
SHA-256: 855ceea17662b680c6d245df529330816f5970664a23927ac3df2850b1a22aca
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

621907 - CVE-2010-2808 FreeType: Stack-based buffer overflow by processing certain LWFN fonts
621980 - CVE-2010-2806 FreeType: Heap-based buffer overflow by processing FontType42 fonts with negative length of SFNT strings (FT bug #30656)
623625 - CVE-2010-3311 freetype: Input stream position error by processing Compact Font Format (CFF) font files
625632 - CVE-2010-3054 freetype: DoS via nested "seac" calls


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/