Univention Bugzilla – Bug 37758
freetype: Multiple issues (ES 3.1)
Last modified: 2015-06-19 16:06:32 CEST
Multiple bugs in processing font files allow denial of service or the execution of arbitrary code: CVE-2014-9675 CVE-2014-9674 CVE-2014-9673 CVE-2014-9672 CVE-2014-9671 CVE-2014-9670 CVE-2014-9669 CVE-2014-9668 CVE-2014-9667 CVE-2014-9666 CVE-2014-9665 CVE-2014-9664 CVE-2014-9663 CVE-2014-9662 CVE-2014-9661 CVE-2014-9660 CVE-2014-9659 CVE-2014-9658 CVE-2014-9657 CVE-2014-9656 (freetype is used by server-relevant code such as PHP)
> CVE-2014-9659 CVE-2014-9662 CVE-2014-9668 [squeeze] - freetype <not-affected> (Vulnerable code not present)
Created attachment 6967 [details] advisory
OK: apt-cache policy libfreetype6 # 2.4.2-2.1.65.201506161649 OK: aptitude install '?source-package(freetype)~i' OK: aptitude install '?source-package(freetype)?not(?name(udeb))' OK: zless /usr/share/doc/libfreetype6/changelog.Debian.gz OK: CVE-2014-9659 CVE-2014-9662 CVE-2014-9668 OK: freetype2-demos OK: ftview 24 /usr/share/fonts/truetype/ttf-dejavu/DejaVuSans-Bold.ttf OK: attachment 6967 [details] OK: UCS-3.1 < UCS-3.2 OK: i686 amd64
Released