Test ID:	1.3.6.1.4.1.25623.1.0.68119
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2010:0737
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2010:0737. FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. The freetype packages for Red Hat Enterprise Linux 4 provide both the FreeType 1 and FreeType 2 font engines. The freetype packages for Red Hat Enterprise Linux 5 provide only the FreeType 2 font engine. It was discovered that the FreeType font rendering engine improperly validated certain position values when processing input streams. If a user loaded a specially-crafted font file with an application linked against FreeType, and the relevant font glyphs were subsequently rendered with the X FreeType library (libXft), it could trigger a heap-based buffer overflow in the libXft library, causing the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2010-3311) A stack-based buffer overflow flaw was found in the way the FreeType font rendering engine processed some PostScript Type 1 fonts. If a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2010-2808) An array index error was found in the way the FreeType font rendering engine processed certain PostScript Type 42 font files. If a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2010-2806) A stack overflow flaw was found in the way the FreeType font rendering engine processed PostScript Type 1 font files that contain nested Standard Encoding Accented Character (seac) calls. If a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash. (CVE-2010-3054) Note: All of the issues in this erratum only affect the FreeType 2 font engine. Users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The X server must be restarted (log out, then log back in) for this update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0737.html http://www.redhat.com/security/updates/classification/#important Risk factor : Critical CVSS Score: 9.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2806 40816 http://secunia.com/advisories/40816 40982 http://secunia.com/advisories/40982 42285 http://www.securityfocus.com/bid/42285 42314 http://secunia.com/advisories/42314 42317 http://secunia.com/advisories/42317 ADV-2010-2018 http://www.vupen.com/english/advisories/2010/2018 ADV-2010-2106 http://www.vupen.com/english/advisories/2010/2106 ADV-2010-3045 http://www.vupen.com/english/advisories/2010/3045 ADV-2010-3046 http://www.vupen.com/english/advisories/2010/3046 APPLE-SA-2010-11-10-1 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html APPLE-SA-2010-11-22-1 http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html RHSA-2010:0736 https://rhn.redhat.com/errata/RHSA-2010-0736.html RHSA-2010:0737 https://rhn.redhat.com/errata/RHSA-2010-0737.html RHSA-2010:0864 http://www.redhat.com/support/errata/RHSA-2010-0864.html USN-972-1 http://www.ubuntu.com/usn/USN-972-1 [oss-security] 20100806 Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more http://marc.info/?l=oss-security&m=128111955616772&w=2 http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c06da1ad34663da7b6fc39b030dc3ae185b96557 http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view http://support.apple.com/kb/HT4435 http://support.apple.com/kb/HT4456 http://support.apple.com/kb/HT4457 https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 https://bugzilla.redhat.com/show_bug.cgi?id=621980 https://savannah.nongnu.org/bugs/?30656 Common Vulnerability Exposure (CVE) ID: CVE-2010-2808 [oss-security] 20100806 CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts http://marc.info/?l=oss-security&m=128110167119337&w=2 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975 https://bugzilla.redhat.com/show_bug.cgi?id=621907 https://savannah.nongnu.org/bugs/?30658 Common Vulnerability Exposure (CVE) ID: CVE-2010-3054 BugTraq ID: 42621 http://www.securityfocus.com/bid/42621 RedHat Security Advisories: RHSA-2010:0736 RedHat Security Advisories: RHSA-2010:0737 http://secunia.com/advisories/48951 SuSE Security Announcement: SUSE-SR:2010:019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html Common Vulnerability Exposure (CVE) ID: CVE-2010-3311 43700 http://www.securityfocus.com/bid/43700 48951 DSA-2116 http://www.debian.org/security/2010/dsa-2116 MDVSA-2010:201 http://www.mandriva.com/security/advisories?name=MDVSA-2010:201 SUSE-SR:2010:019 USN-1013-1 http://www.ubuntu.com/usn/USN-1013-1 https://bugzilla.redhat.com/show_bug.cgi?id=623625
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.