OVAL Reference oval:com.redhat.rhsa:def:20070150

Oval Definition:

oval:com.redhat.rhsa:def:20070150

Revision Date:	2007-04-16	Version:	635
Title:	RHSA-2007:0150: freetype security update (Moderate)
Description:	FreeType is a free, high-quality, portable font engine. An integer overflow flaw was found in the way the FreeType font engine processed BDF font files. If a user loaded a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or execute arbitrary code. While it is uncommon for a user to explicitly load a font file, there are several application file formats which contain embedded fonts that are parsed by FreeType. (CVE-2007-1351) This flaw did not affect the version of FreeType shipped in Red Hat Enterprise Linux 2.1. Users of FreeType should upgrade to these updated packages, which contain a backported patch to correct this issue. Red Hat would like to thank iDefense for reporting this issue.
Family:	unix	Class:	patch
Status:		Reference(s):	CVE-2007-1351 RHSA-2007:0150 RHSA-2007:0150-01 RHSA-2007:0150-01
Platform(s):	Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5	Product(s):
Definition Synopsis
Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 3 is installed AND freetype is earlier than 0:2.1.4-6.el3 AND freetype is signed with Red Hat master key freetype-devel is earlier than 0:2.1.4-6.el3 AND freetype-devel is signed with Red Hat master key OR Package Information Red Hat Enterprise Linux 4 is installed AND freetype-utils is earlier than 0:2.1.9-5.el4 AND freetype-utils is signed with Red Hat master key freetype-devel is earlier than 0:2.1.9-5.el4 AND freetype-devel is signed with Red Hat master key freetype-demos is earlier than 0:2.1.9-5.el4 AND freetype-demos is signed with Red Hat master key freetype is earlier than 0:2.1.9-5.el4 AND freetype is signed with Red Hat master key OR Package Information Red Hat Enterprise Linux 5 is installed AND freetype-demos is earlier than 0:2.2.1-17.el5 AND freetype-demos is signed with Red Hat redhatrelease key freetype is earlier than 0:2.2.1-17.el5 AND freetype is signed with Red Hat redhatrelease key freetype-devel is earlier than 0:2.2.1-17.el5 AND freetype-devel is signed with Red Hat redhatrelease key
Definition Synopsis
Release Information Red Hat Enterprise Linux 3 is installed AND freetype is earlier than 0:2.1.4-6.el3 AND freetype is signed with Red Hat master key freetype-demos is earlier than 0:2.1.4-6.el3 AND freetype-demos is signed with Red Hat master key freetype-devel is earlier than 0:2.1.4-6.el3 AND freetype-devel is signed with Red Hat master key freetype-utils is earlier than 0:2.1.4-6.el3 AND freetype-utils is signed with Red Hat master key OR Package Information Red Hat Enterprise Linux 4 is installed AND freetype is earlier than 0:2.1.9-5.el4 AND freetype is signed with Red Hat master key freetype-demos is earlier than 0:2.1.9-5.el4 AND freetype-demos is signed with Red Hat master key freetype-devel is earlier than 0:2.1.9-5.el4 AND freetype-devel is signed with Red Hat master key freetype-utils is earlier than 0:2.1.9-5.el4 AND freetype-utils is signed with Red Hat master key OR Package Information Red Hat Enterprise Linux 5 is installed AND freetype is earlier than 0:2.2.1-17.el5 AND freetype is signed with Red Hat redhatrelease key freetype-demos is earlier than 0:2.2.1-17.el5 AND freetype-demos is signed with Red Hat redhatrelease key freetype-devel is earlier than 0:2.2.1-17.el5 AND freetype-devel is signed with Red Hat redhatrelease key
Definition Synopsis
Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 4 is installed AND freetype is earlier than 0:2.1.9-5.el4 AND freetype is signed with Red Hat redhatrelease2 key freetype-demos is earlier than 0:2.1.9-5.el4 AND freetype-demos is signed with Red Hat redhatrelease2 key freetype-devel is earlier than 0:2.1.9-5.el4 AND freetype-devel is signed with Red Hat redhatrelease2 key freetype-utils is earlier than 0:2.1.9-5.el4 AND freetype-utils is signed with Red Hat redhatrelease2 key OR Package Information Red Hat Enterprise Linux 5 is installed AND freetype is earlier than 0:2.2.1-17.el5 AND freetype is signed with Red Hat redhatrelease2 key freetype-demos is earlier than 0:2.2.1-17.el5 AND freetype-demos is signed with Red Hat redhatrelease2 key freetype-devel is earlier than 0:2.2.1-17.el5 AND freetype-devel is signed with Red Hat redhatrelease2 key

BACK