You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa freetype

Sigurnosni nedostatak programskog paketa freetype

by ncert - 0

==========================================================================
Ubuntu Security Notice USN-2739-1
September 10, 2015

freetype vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 15.04
– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in FreeType.

Software Description:
– freetype: FreeType 2 is a font engine library

Details:

It was discovered that FreeType did not correctly handle certain malformed
font files. If a user were tricked into using a specially crafted font
file, a remote attacker could cause FreeType to crash or hang, resulting in
a denial of service, or possibly expose uninitialized memory.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.04:
libfreetype6 2.5.2-2ubuntu3.1

Ubuntu 14.04 LTS:
libfreetype6 2.5.2-1ubuntu2.5

Ubuntu 12.04 LTS:
libfreetype6 2.4.8-1ubuntu2.3

After a standard system update you need to restart your session to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2739-1
https://launchpad.net/bugs/1449225, https://launchpad.net/bugs/1492124

Package Information:
https://launchpad.net/ubuntu/+source/freetype/2.5.2-2ubuntu3.1
https://launchpad.net/ubuntu/+source/freetype/2.5.2-1ubuntu2.5
https://launchpad.net/ubuntu/+source/freetype/2.4.8-1ubuntu2.3

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAEBCgAGBQJV8cEEAAoJEGVp2FWnRL6Tj4gP/1bQeFpy4K2Md1JY1+x4j6Av
FjOYUWixfzD1kKZRz80jDv4bsrR3KDopCrF1jo48BvJRIxLP8qYA5QM98yZg0f0l
hMXoMSLeORx3drnv4dXXD0y0nwuWi1He7Y/ssipmZqi6av2hQjA9s/TSyZXMXAiP
2HHUgvic+LbjTLX5P8bfjogyuFE0K2PswOpW7F3uDnhUJJ/O61F/PwlM6hzMlvIq
G8awXUVkMoBW/Z/r1LIIMMSd2q/kXcDy+ulIm3KN5mWMiwK7zkVos+QThfoVZTYo
ROB4iwShKpMlhtZcicnmhdq9DSuu/w2tf0YgqTPFzcYV8nobG3xDBnLVoyBjoCIq
mNHUIjy4m/1wQEhcJQ2yYC85VRWV0pBPEjNCeBq8Fo6DmIh7Dfwt5nr4s4gt9IlH
ZpXP/Qh4SIQ4SG7SXcRACZmleLjA7alWlgWwoYuh98J6I5LrkAEPPwvXhkYt4Erp
T91axxmNbf2DyCF2OJhG2KdzDJIgCGhT0z7eidsYVwy6BBNIaGmMxpILaQrFIG3r
uuSkgeXR0oo0arNCKzH+oV65Yu9baSaVvbV5t8NVPAn8BcY0nyDvYD3WlQk1PwuZ
bgyM/0Fusg/SoVNL+zl0t1ytnffKKQP7NhTeSRid0gtFyl679wLHeaupevU44yHZ
kPOfijkrTJnCFm4Up1dr
=OIz4
—–END PGP SIGNATURE—–

ncert
Top
More in Preporuke
Sigurnosni propusti programske biblioteke libvdpau

Otkriveni su sigurnosni propusti u programskoj biblioteci libvdpau za Debian. Propusti su uzrokovani neispravnim upravljanjem određenim varijablama okruženja. Propusti lokalnom...

Close