exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2007.081

Mandriva Linux Security Advisory 2007.081
Posted Apr 5, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - iDefense integer overflows in the way freetype handled various font files. A malicious local user could exploit these issues to potentially execute arbitrary code.

tags | advisory, overflow, arbitrary, local
systems | linux, mandriva
advisories | CVE-2007-1351
SHA-256 | d4da0504bcad1dad21f7e27ad6722ecbd0d461fba5c492fe3ced6afa5497909a
Download | Favorite | View

Mandriva Linux Security Advisory 2007.081

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:081
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : freetype2
 Date    : April 4, 2007
 Affected: 2007.0, Corporate 3.0, Corporate 4.0,
           Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 iDefense integer overflows in the way freetype handled various font
 files. A malicious local user could exploit these issues to potentially
 execute arbitrary code.
 
 Updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 f6fa7475ddd370e4c5666c8e5f3ea1ab  2007.0/i586/libfreetype6-2.2.1-4.1mdv2007.0.i586.rpm
 798b4436b273364cb5b88adc2ab02284  2007.0/i586/libfreetype6-devel-2.2.1-4.1mdv2007.0.i586.rpm
 d4448a43fcf33b965148f985918c8c1f  2007.0/i586/libfreetype6-static-devel-2.2.1-4.1mdv2007.0.i586.rpm 
 e94919cdff41a89e8dfb013b51e97298  2007.0/SRPMS/freetype2-2.2.1-4.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 09b1e2a374c33f5ba03fbdf9a3a9c06d  2007.0/x86_64/lib64freetype6-2.2.1-4.1mdv2007.0.x86_64.rpm
 07920f5a1d99c335b6c8348c278ab1c5  2007.0/x86_64/lib64freetype6-devel-2.2.1-4.1mdv2007.0.x86_64.rpm
 d23852054cb490feea6dfb9c00c66d96  2007.0/x86_64/lib64freetype6-static-devel-2.2.1-4.1mdv2007.0.x86_64.rpm 
 e94919cdff41a89e8dfb013b51e97298  2007.0/SRPMS/freetype2-2.2.1-4.1mdv2007.0.src.rpm

 Corporate 3.0:
 dbd9d9dce2eecf5dc0f07b949438f6e2  corporate/3.0/i586/libfreetype6-2.1.7-4.4.C30mdk.i586.rpm
 5b4ae55777d8fb0802300180164626be  corporate/3.0/i586/libfreetype6-devel-2.1.7-4.4.C30mdk.i586.rpm
 e93a54a13629939d1b069cc8c6d7ba00  corporate/3.0/i586/libfreetype6-static-devel-2.1.7-4.4.C30mdk.i586.rpm 
 389338c4062630ef82932a16888aca74  corporate/3.0/SRPMS/freetype2-2.1.7-4.4.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 020ea45885d2d352f01e6db561e91043  corporate/3.0/x86_64/lib64freetype6-2.1.7-4.4.C30mdk.x86_64.rpm
 1bd6b3ca33a1c79664b77fef5386d968  corporate/3.0/x86_64/lib64freetype6-devel-2.1.7-4.4.C30mdk.x86_64.rpm
 8beb621c6ad598032038295c1742eaa5  corporate/3.0/x86_64/lib64freetype6-static-devel-2.1.7-4.4.C30mdk.x86_64.rpm
 dbd9d9dce2eecf5dc0f07b949438f6e2  corporate/3.0/x86_64/libfreetype6-2.1.7-4.4.C30mdk.i586.rpm 
 389338c4062630ef82932a16888aca74  corporate/3.0/SRPMS/freetype2-2.1.7-4.4.C30mdk.src.rpm

 Corporate 4.0:
 14f546a8e3fe70362e25138b08efe734  corporate/4.0/i586/libfreetype6-2.1.10-9.5.20060mlcs4.i586.rpm
 47bc3d7a07c632386e1d11c5180e89bf  corporate/4.0/i586/libfreetype6-devel-2.1.10-9.5.20060mlcs4.i586.rpm
 d61c4fbe40e780d40638e83e556ca464  corporate/4.0/i586/libfreetype6-static-devel-2.1.10-9.5.20060mlcs4.i586.rpm 
 53fb2858df7f92bee30b27f588953d42  corporate/4.0/SRPMS/freetype2-2.1.10-9.5.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 593b7b057948a4e68bccc078f3e6582a  corporate/4.0/x86_64/lib64freetype6-2.1.10-9.5.20060mlcs4.x86_64.rpm
 06e9aedc719c1e1232d193dfe0fd1430  corporate/4.0/x86_64/lib64freetype6-devel-2.1.10-9.5.20060mlcs4.x86_64.rpm
 f3e065cdefa7ae88538dd8c8d630d65b  corporate/4.0/x86_64/lib64freetype6-static-devel-2.1.10-9.5.20060mlcs4.x86_64.rpm
 14f546a8e3fe70362e25138b08efe734  corporate/4.0/x86_64/libfreetype6-2.1.10-9.5.20060mlcs4.i586.rpm
 47bc3d7a07c632386e1d11c5180e89bf  corporate/4.0/x86_64/libfreetype6-devel-2.1.10-9.5.20060mlcs4.i586.rpm
 d61c4fbe40e780d40638e83e556ca464  corporate/4.0/x86_64/libfreetype6-static-devel-2.1.10-9.5.20060mlcs4.i586.rpm 
 53fb2858df7f92bee30b27f588953d42  corporate/4.0/SRPMS/freetype2-2.1.10-9.5.20060mlcs4.src.rpm

 Multi Network Firewall 2.0:
 2d6f0486f22dba324dcfbfba8ee92aea  mnf/2.0/i586/libfreetype6-2.1.7-4.4.M20mdk.i586.rpm
 cb19a04e2a59b58c0404865ee2b6ad0b  mnf/2.0/i586/libfreetype6-devel-2.1.7-4.4.M20mdk.i586.rpm
 95374cb08444a52b998bec97099d8692  mnf/2.0/i586/libfreetype6-static-devel-2.1.7-4.4.M20mdk.i586.rpm 
 61be4166abddbca6eb0910f71fefcb53  mnf/2.0/SRPMS/freetype2-2.1.7-4.4.M20mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGFAtemqjQ0CJFipgRAkhtAJ42iNEiWci/xxFgdFF/+6OSF02s/gCcCCre
I2We3GB/HnFuq8iORUQcXJQ=
=Q0X4
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close