Bug 37756 - freetype: Multiple issues (3.2)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 3.2
Other Linux
P3 normal
UCS 3.2-5-errata
Assigned To: Philipp Hahn
Janek Walkenhorst
Reported: 2015-02-11 07:33 CET by Moritz Muehlenhoff
Modified: 2015-03-25 14:04 CET
Description Moritz Muehlenhoff univentionstaff 2015-02-11 07:33:42 CET
Multiple bugs in processing font files allow denial of service or the execution of arbitrary code:
CVE-2014-9675 CVE-2014-9674 CVE-2014-9673 CVE-2014-9672 CVE-2014-9671 CVE-2014-9670 CVE-2014-9669 CVE-2014-9668 CVE-2014-9667 CVE-2014-9666
CVE-2014-9665 CVE-2014-9664 CVE-2014-9663 CVE-2014-9662 CVE-2014-9661
CVE-2014-9660 CVE-2014-9659 CVE-2014-9658 CVE-2014-9657 CVE-2014-9656
Comment 1 Philipp Hahn univentionstaff 2015-03-19 16:30:50 CET
repo_admin.py --cherrypick -r 3.0 -s errata3.0-1 --releasedest 3.2 --dest errata3.2-5 -p freetype
b32-scope errata3.2-5 freetype

r14497 | 3.2-0-0-ucs/2.4.2-2.1+squeeze4-errata3.2-5/10_CVEs-2014-9657-9675.patch
Comment 2 Philipp Hahn univentionstaff 2015-03-19 17:22:17 CET
Package: freetype
Version: 2.4.2-2.1.63.201503191628
Branch: ucs_3.2-0
Scope: errata3.2-5

r59252 | Bug #37756 FreeType: YAML
 2015-03-19-freetype.yaml

QA: See <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777656> for a link-list of the CVEs.
Comment 3 Janek Walkenhorst univentionstaff 2015-03-24 17:47:32 CET
Tests: OK
Advisory: OK
Comment 4 Janek Walkenhorst univentionstaff 2015-03-25 14:04:01 CET
<http://errata.univention.de/ucs/3.2/307.html>