Oval Definition:oval:org.opensuse.security:def:55468
Revision Date:2020-12-01Version:1
Title:Security update for freetype2 (Moderate)
Description:

freetype2 was updated to fix 20 security issues.

These security issues were fixed: - CVE-2014-9663: The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table (bnc#916865). - CVE-2014-9662: cff/cf2ft.c in FreeType before 2.5.4 did not validate the return values of point-allocation functions, which allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font (bnc#916860). - CVE-2014-9661: type42/t42parse.c in FreeType before 2.5.4 did not consider that scanning can be incomplete without triggering an error, which allowed remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font (bnc#916859). - CVE-2014-9660: The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 did not properly handle a missing ENDCHAR record, which allowed remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font (bnc#916858). - CVE-2014-9667: sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allowed remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table (bnc#916861). - CVE-2014-9666: The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allowed remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap (bnc#916862). - CVE-2014-9665: The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 did not restrict the rows and pitch values of PNG data, which allowed remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file in a .ttf font file (bnc#916863). - CVE-2014-9664: FreeType before 2.5.4 did not check for the end of the data during certain parsing actions, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c (bnc#916864). - CVE-2014-9669: Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allowed remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table (bnc#916870). - CVE-2014-9668: The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allowed remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file (bnc#916868). - CVE-2014-9656: The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 did not properly check for an integer overflow, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font (bnc#916847). - CVE-2014-9658: The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font (bnc#916857). - CVE-2014-9659: cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allowed remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240 (bnc#916867). - CVE-2014-9674: The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allowed remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font (bnc#916879). - CVE-2014-9675: bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allowed remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font (bnc#916881). - CVE-2014-9657: The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 did not establish a minimum record size, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font (bnc#916856). - CVE-2014-9670: Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allowed remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row (bnc#916871). - CVE-2014-9671: Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented (bnc#916872). - CVE-2014-9672: Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allowed remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file (bnc#916873). - CVE-2014-9673: Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allowed remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font (bnc#916874).
Family:unixClass:patch
Status:Reference(s):1002991
1002995
1002998
1003000
1003002
1003012
1003017
1003023
1021417
1025013
1025254
1030575
1031481
1031660
1039496
1111647
1118277
1123919
1125230
1130103
1133528
808243
876449
916847
916856
916857
916858
916859
916860
916861
916862
916863
916864
916865
916867
916868
916870
916871
916872
916873
916874
916879
916881
929414
937339
961491
982779
CVE-2013-0211
CVE-2013-0787
CVE-2013-1571
CVE-2014-0578
CVE-2014-2240
CVE-2014-2891
CVE-2014-9656
CVE-2014-9657
CVE-2014-9658
CVE-2014-9659
CVE-2014-9660
CVE-2014-9661
CVE-2014-9662
CVE-2014-9663
CVE-2014-9664
CVE-2014-9665
CVE-2014-9666
CVE-2014-9667
CVE-2014-9668
CVE-2014-9669
CVE-2014-9670
CVE-2014-9671
CVE-2014-9672
CVE-2014-9673
CVE-2014-9674
CVE-2014-9675
CVE-2015-1609
CVE-2015-2304
CVE-2015-3114
CVE-2015-3115
CVE-2015-3116
CVE-2015-3117
CVE-2015-3118
CVE-2015-3119
CVE-2015-3120
CVE-2015-3121
CVE-2015-3122
CVE-2015-3123
CVE-2015-3124
CVE-2015-3125
CVE-2015-3126
CVE-2015-3127
CVE-2015-3128
CVE-2015-3129
CVE-2015-3130
CVE-2015-3131
CVE-2015-3132
CVE-2015-3133
CVE-2015-3134
CVE-2015-3135
CVE-2015-3136
CVE-2015-3137
CVE-2015-3622
CVE-2015-4428
CVE-2015-4429
CVE-2015-4430
CVE-2015-4431
CVE-2015-4432
CVE-2015-4433
CVE-2015-5116
CVE-2015-5117
CVE-2015-5118
CVE-2015-5119
CVE-2016-4008
CVE-2016-5407
CVE-2016-7942
CVE-2016-7944
CVE-2016-7945
CVE-2016-7946
CVE-2016-7947
CVE-2016-7948
CVE-2016-7949
CVE-2016-7950
CVE-2016-7951
CVE-2016-7952
CVE-2016-7953
CVE-2017-1000364
CVE-2018-12086
CVE-2018-15587
CVE-2018-18227
CVE-2018-19788
CVE-2019-3859
SUSE-SU-2015:0455-1
SUSE-SU-2015:1211-1
SUSE-SU-2015:1227-1
SUSE-SU-2016:1601-1
SUSE-SU-2016:2505-1
SUSE-SU-2017:1942-1
SUSE-SU-2017:1944-1
SUSE-SU-2018:3590-2
SUSE-SU-2019:0019-1
SUSE-SU-2019:1060-1
SUSE-SU-2019:1391-1
SUSE-SU-2019:3085-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • NetworkManager-applet-1.8.10-lp150.3 is installed
  • OR NetworkManager-applet-lang-1.8.10-lp150.3 is installed
  • OR NetworkManager-connection-editor-1.8.10-lp150.3 is installed
  • OR libnm-gtk0-1.8.10-lp150.3 is installed
  • OR libnma0-1.8.10-lp150.3 is installed
  • OR nma-data-1.8.10-lp150.3 is installed
  • OR typelib-1_0-NMGtk-1_0-1.8.10-lp150.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • GraphicsMagick-1.3.29-lp151.4.6 is installed
  • OR GraphicsMagick-devel-1.3.29-lp151.4.6 is installed
  • OR libGraphicsMagick++-Q16-12-1.3.29-lp151.4.6 is installed
  • OR libGraphicsMagick++-devel-1.3.29-lp151.4.6 is installed
  • OR libGraphicsMagick-Q16-3-1.3.29-lp151.4.6 is installed
  • OR libGraphicsMagick3-config-1.3.29-lp151.4.6 is installed
  • OR libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.6 is installed
  • OR perl-GraphicsMagick-1.3.29-lp151.4.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • MozillaFirefox-17.0.4esr-0.5 is installed
  • OR MozillaFirefox-branding-SLED-7-0.6.9 is installed
  • OR MozillaFirefox-translations-17.0.4esr-0.5 is installed
  • OR beagle-0.3.8-56.51 is installed
  • OR beagle-evolution-0.3.8-56.51 is installed
  • OR beagle-firefox-0.3.8-56.51 is installed
  • OR beagle-gui-0.3.8-56.51 is installed
  • OR beagle-lang-0.3.8-56.51 is installed
  • OR libfreebl3-3.14.2-0.4.3 is installed
  • OR libfreebl3-32bit-3.14.2-0.4.3 is installed
  • OR mhtml-firefox-0.5-1.47.51 is installed
  • OR mozilla-nspr-4.9.5-0.3 is installed
  • OR mozilla-nspr-32bit-4.9.5-0.3 is installed
  • OR mozilla-nss-3.14.2-0.4.3 is installed
  • OR mozilla-nss-32bit-3.14.2-0.4.3 is installed
  • OR mozilla-nss-tools-3.14.2-0.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • strongswan-4.4.0-6.25 is installed
  • OR strongswan-doc-4.4.0-6.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • freetype2-2.5.3-5 is installed
  • OR ft2demos-2.5.3-5 is installed
  • OR libfreetype6-2.5.3-5 is installed
  • OR libfreetype6-32bit-2.5.3-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • evolution-3.22.6-19.9 is installed
  • OR evolution-lang-3.22.6-19.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libwireshark9-2.4.10-48.32 is installed
  • OR libwiretap7-2.4.10-48.32 is installed
  • OR libwscodecs1-2.4.10-48.32 is installed
  • OR libwsutil8-2.4.10-48.32 is installed
  • OR wireshark-2.4.10-48.32 is installed
  • OR wireshark-gtk-2.4.10-48.32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND ant-1.9.4-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_69-60_64_35-default-3-3 is installed
  • OR kgraft-patch-3_12_69-60_64_35-xen-3-3 is installed
  • OR kgraft-patch-SLE12-SP1_Update_14-3-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • e2fsprogs-1.42.11-7 is installed
  • OR libcom_err2-1.42.11-7 is installed
  • OR libcom_err2-32bit-1.42.11-7 is installed
  • OR libext2fs2-1.42.11-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • strongswan-5.1.3-26.13 is installed
  • OR strongswan-doc-5.1.3-26.13 is installed
  • OR strongswan-hmac-5.1.3-26.13 is installed
  • OR strongswan-ipsec-5.1.3-26.13 is installed
  • OR strongswan-libs0-5.1.3-26.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND ucode-intel-20190507-13.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_103-92_56-default-11-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_17-11-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • dbus-1-1.8.22-28 is installed
  • OR dbus-1-x11-1.8.22-28 is installed
  • OR libdbus-1-3-1.8.22-28 is installed
  • OR libdbus-1-3-32bit-1.8.22-28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr6.5-30.63 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr6.5-30.63 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr6.5-30.63 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr6.5-30.63 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_97-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_26-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • ovmf-2017+git1492060560.b6d11d7c46-4.12 is installed
  • OR ovmf-tools-2017+git1492060560.b6d11d7c46-4.12 is installed
  • OR qemu-ovmf-x86_64-2017+git1492060560.b6d11d7c46-4.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • jakarta-taglibs-standard-1.1.1-255 is installed
  • OR jakarta-taglibs-standard-javadoc-1.1.1-255 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND mongodb-2.4.14-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND ucode-intel-20180425-13.20 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND python-Werkzeug-0.12.2-3.3 is installed
    • BACK