exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2007.081

Mandriva Linux Security Advisory 2007.081
Posted Apr 5, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - iDefense integer overflows in the way freetype handled various font files. A malicious local user could exploit these issues to potentially execute arbitrary code.

tags | advisory, overflow, arbitrary, local
systems | linux, mandriva
advisories | CVE-2007-1351
SHA-256 | d4da0504bcad1dad21f7e27ad6722ecbd0d461fba5c492fe3ced6afa5497909a

Mandriva Linux Security Advisory 2007.081

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2007:081
https://www.mandriva.com/security/
_______________________________________________________________________

Package : freetype2
Date : April 4, 2007
Affected: 2007.0, Corporate 3.0, Corporate 4.0,
Multi Network Firewall 2.0
_______________________________________________________________________

Problem Description:

iDefense integer overflows in the way freetype handled various font
files. A malicious local user could exploit these issues to potentially
execute arbitrary code.

Updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2007.0:
f6fa7475ddd370e4c5666c8e5f3ea1ab 2007.0/i586/libfreetype6-2.2.1-4.1mdv2007.0.i586.rpm
798b4436b273364cb5b88adc2ab02284 2007.0/i586/libfreetype6-devel-2.2.1-4.1mdv2007.0.i586.rpm
d4448a43fcf33b965148f985918c8c1f 2007.0/i586/libfreetype6-static-devel-2.2.1-4.1mdv2007.0.i586.rpm
e94919cdff41a89e8dfb013b51e97298 2007.0/SRPMS/freetype2-2.2.1-4.1mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
09b1e2a374c33f5ba03fbdf9a3a9c06d 2007.0/x86_64/lib64freetype6-2.2.1-4.1mdv2007.0.x86_64.rpm
07920f5a1d99c335b6c8348c278ab1c5 2007.0/x86_64/lib64freetype6-devel-2.2.1-4.1mdv2007.0.x86_64.rpm
d23852054cb490feea6dfb9c00c66d96 2007.0/x86_64/lib64freetype6-static-devel-2.2.1-4.1mdv2007.0.x86_64.rpm
e94919cdff41a89e8dfb013b51e97298 2007.0/SRPMS/freetype2-2.2.1-4.1mdv2007.0.src.rpm

Corporate 3.0:
dbd9d9dce2eecf5dc0f07b949438f6e2 corporate/3.0/i586/libfreetype6-2.1.7-4.4.C30mdk.i586.rpm
5b4ae55777d8fb0802300180164626be corporate/3.0/i586/libfreetype6-devel-2.1.7-4.4.C30mdk.i586.rpm
e93a54a13629939d1b069cc8c6d7ba00 corporate/3.0/i586/libfreetype6-static-devel-2.1.7-4.4.C30mdk.i586.rpm
389338c4062630ef82932a16888aca74 corporate/3.0/SRPMS/freetype2-2.1.7-4.4.C30mdk.src.rpm

Corporate 3.0/X86_64:
020ea45885d2d352f01e6db561e91043 corporate/3.0/x86_64/lib64freetype6-2.1.7-4.4.C30mdk.x86_64.rpm
1bd6b3ca33a1c79664b77fef5386d968 corporate/3.0/x86_64/lib64freetype6-devel-2.1.7-4.4.C30mdk.x86_64.rpm
8beb621c6ad598032038295c1742eaa5 corporate/3.0/x86_64/lib64freetype6-static-devel-2.1.7-4.4.C30mdk.x86_64.rpm
dbd9d9dce2eecf5dc0f07b949438f6e2 corporate/3.0/x86_64/libfreetype6-2.1.7-4.4.C30mdk.i586.rpm
389338c4062630ef82932a16888aca74 corporate/3.0/SRPMS/freetype2-2.1.7-4.4.C30mdk.src.rpm

Corporate 4.0:
14f546a8e3fe70362e25138b08efe734 corporate/4.0/i586/libfreetype6-2.1.10-9.5.20060mlcs4.i586.rpm
47bc3d7a07c632386e1d11c5180e89bf corporate/4.0/i586/libfreetype6-devel-2.1.10-9.5.20060mlcs4.i586.rpm
d61c4fbe40e780d40638e83e556ca464 corporate/4.0/i586/libfreetype6-static-devel-2.1.10-9.5.20060mlcs4.i586.rpm
53fb2858df7f92bee30b27f588953d42 corporate/4.0/SRPMS/freetype2-2.1.10-9.5.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
593b7b057948a4e68bccc078f3e6582a corporate/4.0/x86_64/lib64freetype6-2.1.10-9.5.20060mlcs4.x86_64.rpm
06e9aedc719c1e1232d193dfe0fd1430 corporate/4.0/x86_64/lib64freetype6-devel-2.1.10-9.5.20060mlcs4.x86_64.rpm
f3e065cdefa7ae88538dd8c8d630d65b corporate/4.0/x86_64/lib64freetype6-static-devel-2.1.10-9.5.20060mlcs4.x86_64.rpm
14f546a8e3fe70362e25138b08efe734 corporate/4.0/x86_64/libfreetype6-2.1.10-9.5.20060mlcs4.i586.rpm
47bc3d7a07c632386e1d11c5180e89bf corporate/4.0/x86_64/libfreetype6-devel-2.1.10-9.5.20060mlcs4.i586.rpm
d61c4fbe40e780d40638e83e556ca464 corporate/4.0/x86_64/libfreetype6-static-devel-2.1.10-9.5.20060mlcs4.i586.rpm
53fb2858df7f92bee30b27f588953d42 corporate/4.0/SRPMS/freetype2-2.1.10-9.5.20060mlcs4.src.rpm

Multi Network Firewall 2.0:
2d6f0486f22dba324dcfbfba8ee92aea mnf/2.0/i586/libfreetype6-2.1.7-4.4.M20mdk.i586.rpm
cb19a04e2a59b58c0404865ee2b6ad0b mnf/2.0/i586/libfreetype6-devel-2.1.7-4.4.M20mdk.i586.rpm
95374cb08444a52b998bec97099d8692 mnf/2.0/i586/libfreetype6-static-devel-2.1.7-4.4.M20mdk.i586.rpm
61be4166abddbca6eb0910f71fefcb53 mnf/2.0/SRPMS/freetype2-2.1.7-4.4.M20mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

https://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGFAtemqjQ0CJFipgRAkhtAJ42iNEiWci/xxFgdFF/+6OSF02s/gCcCCre
I2We3GB/HnFuq8iORUQcXJQ=
=Q0X4
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close