[USN-643-1] FreeType vulnerabilities
Date: Thu, 11 Sep 2008 15:27:09 -0700
From: Kees Cook <kees@ubuntu.com.>
Message-ID: <20080911222709.GG14230@outflux.net.>
Ubuntu Security Notice USN-643-1 September 11, 2008
freetype vulnerabilities
CVE-2008-1806, CVE-2008-1807, CVE-2008-1808

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libfreetype6                    2.1.10-1ubuntu2.5

Ubuntu 7.04:
  libfreetype6                    2.2.1-5ubuntu1.2

Ubuntu 7.10:
  libfreetype6                    2.3.5-1ubuntu4.7.10.1

Ubuntu 8.04 LTS:
  libfreetype6                    2.3.5-1ubuntu4.8.04.1

After a standard system upgrade you need to restart your session to
effect the necessary changes.

Details follow:

Multiple flaws were discovered in the PFB and TTF font handling code
in freetype. If a user were tricked into using a specially crafted
font file, a remote attacker could execute arbitrary code with user
privileges or cause the application linked against freetype to crash,
leading to a denial of service.

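Added example, not part of the original advisory: a Python audit that compares installed libfreetype6 versions from a host inventory against the fixed versions listed above, using a reimplementation of Debian version ordering (the same ordering `dpkg --compare-versions` applies on a live host). The inventory rows, host names and installed versions are constructed sample data, and the function names are this example's own.

```python
import re
# Fixed libfreetype6 version per Ubuntu release, copied from the advisory.
FIXED = {"6.06": "2.1.10-1ubuntu2.5", "7.04": "2.2.1-5ubuntu1.2",
         "7.10": "2.3.5-1ubuntu4.7.10.1", "8.04": "2.3.5-1ubuntu4.8.04.1"}

def _dig(c):
    return "0" <= c <= "9"          # ASCII digits only; "" is not a digit

def _order(c):
    """Sort weight of one non-digit character under Debian version rules."""
    if c == "~":
        return -1                   # '~' sorts before everything, even end of string
    if c == "" or _dig(c):
        return 0
    return ord(c) if c.isalpha() else ord(c) + 256   # letters before punctuation

def _cmp_part(a, b):
    """Compare non-digit runs by _order and digit runs numerically: -1, 0 or 1."""
    i = j = 0
    while i < len(a) or j < len(b):
        while (i < len(a) and not _dig(a[i])) or (j < len(b) and not _dig(b[j])):
            ac, bc = _order(a[i:i + 1]), _order(b[j:j + 1])
            if ac != bc:
                return -1 if ac < bc else 1
            i, j = i + 1, j + 1
        da, db = re.match("[0-9]*", a[i:]).group(), re.match("[0-9]*", b[j:]).group()
        na, nb = int(da or 0), int(db or 0)
        if na != nb:
            return -1 if na < nb else 1
        i, j = i + len(da), j + len(db)
    return 0

def _split(v):                      # [epoch:]upstream[-revision], epoch defaults to 0
    epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
    upstream, _, rev = rest.rpartition("-") if "-" in rest else (rest, "", "")
    return int(epoch), upstream, rev

def deb_cmp(v1, v2):
    (e1, u1, r1), (e2, u2, r2) = _split(v1), _split(v2)
    return (e1 > e2) - (e1 < e2) or _cmp_part(u1, u2) or _cmp_part(r1, r2)

def audit(inventory):               # rows of (host, release, installed version)
    return {h: "not covered" if FIXED.get(r) is None else
               "patched" if deb_cmp(v, FIXED[r]) >= 0 else "vulnerable"
            for h, r, v in inventory}

# Constructed sample inventory (hosts and installed versions are made up).
SAMPLE = [("web01", "8.04", "2.3.5-1ubuntu4"), ("build02", "6.06", "2.1.10-1ubuntu2.5"),
          ("desk03", "7.10", "2.3.5-1ubuntu4.7.10.2"), ("lab04", "9.04", "2.3.9-4")]
```

A host reported as patched still needs its session restarted, as the advisory notes, before running applications load the fixed library.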
Updated packages for Ubuntu 6.06 LTS:
Updated packages for Ubuntu 7.04:
Updated packages for Ubuntu 7.10:
Updated packages for Ubuntu 8.04 LTS: