ID 20B4F284-2BFC-11DE-BDEB-0030843D3802 Type freebsd Reporter FreeBSD Modified 2009-04-16T00:00:00
Description
Secunia reports:
Some vulnerabilities have been reported in FreeType, which can be
exploited by malicious people to potentially compromise an application
using the library.
An integer overflow error within the "cff_charset_compute_cids()"
function in cff/cffload.c can be exploited to potentially cause a
heap-based buffer overflow via a specially crafted font.
Multiple integer overflow errors within validation functions in
sfnt/ttcmap.c can be exploited to bypass length validations and
potentially cause buffer overflows via specially crafted fonts.
An integer overflow error within the "ft_smooth_render_generic()"
function in smooth/ftsmooth.c can be exploited to potentially cause a
heap-based buffer overflow via a specially crafted font.
{"reporter": "FreeBSD", "published": "2009-04-16T00:00:00", "cvelist": ["CVE-2009-0946"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "2.3.9_1", "packageFilename": "UNKNOWN", "packageName": "freetype2", "arch": "noarch", "operator": "lt"}], "title": "freetype2 -- multiple vulnerabilities", "objectVersion": "1.2", "type": "freebsd", "href": "https://vuxml.freebsd.org/freebsd/20b4f284-2bfc-11de-bdeb-0030843d3802.html", "bulletinFamily": "unix", "hashmap": [{"hash": "74db5fd75bc46809096d4cfa0bd94b36", "key": "affectedPackage"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "9f58891bbf681f188b275a665b811217", "key": "cvelist"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "503b1c72a74fee86bb2aabadc9981c16", "key": "description"}, {"hash": "8bfba2029bbff6cd9dd5d6d7fdb791a7", "key": "href"}, {"hash": "d73da2fab595cc95d23fce85840a4051", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "d73da2fab595cc95d23fce85840a4051", "key": "published"}, {"hash": "d749579aedd893cfab4138598f49fefa", "key": "references"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "4f8656d07c31191716a85f6681dd2a8f", "key": "title"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "cfcd208495d565ef66e7dff9f98764da", "key": "viewCount"}], "history": [], "enchantments": {"score": {"vector": "NONE", "value": 7.5}, "vulnersScore": 7.5}, "modified": "2009-04-16T00:00:00", "hash": "74f655ab103bbd3371d10d675d75c5bb4effef83b40ae1a7aa234a7b2004847a", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "viewCount": 0, "edition": 1, "description": "\nSecunia reports:\n\nSome vulnerabilities have been reported in FreeType, which can be\n\t exploited by malicious people to potentially compromise an application\n\t using the library.\nAn integer overflow error within the \"cff_charset_compute_cids()\"\n\t function in cff/cffload.c can be exploited to potentially cause a\n\t heap-based buffer overflow via a specially crafted font.\nMultiple integer overflow errors within validation functions in\n\t sfnt/ttcmap.c can be exploited to bypass length validations and\n\t potentially cause buffer overflows via specially crafted fonts.\nAn integer overflow error within the \"ft_smooth_render_generic()\"\n\t function in smooth/ftsmooth.c can be exploited to potentially cause a\n\t heap-based buffer overflow via a specially crafted font.\n\n", "references": ["http://secunia.com/advisories/34723/"], "id": "20B4F284-2BFC-11DE-BDEB-0030843D3802", "lastseen": "2016-09-26T17:24:53"}
{"result": {"cve": [{"lastseen": "2017-09-29T14:26:32", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=491384", "http://www.vupen.com/english/advisories/2009/1522", "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5", "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1", "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html", "http://security.gentoo.org/glsa/glsa-200905-05.xml", "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:243", "http://www.vupen.com/english/advisories/2009/1058", "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e", "http://www.ubuntu.com/usn/USN-767-1", "http://support.apple.com/kb/HT3639", "http://support.apple.com/kb/HT3613", "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog", "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html", "http://support.apple.com/kb/HT3549", "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html", "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html", "http://support.apple.com/kb/HT4435", "http://www.redhat.com/support/errata/RHSA-2009-0329.html", "http://www.securityfocus.com/bid/34550", "http://www.vupen.com/english/advisories/2009/1297", "http://www.redhat.com/support/errata/RHSA-2009-1061.html", "http://www.debian.org/security/2009/dsa-1784", "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b", "http://www.redhat.com/support/errata/RHSA-2009-1062.html", "http://www.vupen.com/english/advisories/2009/1621"], "description": "Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.", "edition": 2, "reporter": "NVD", "published": "2009-04-16T20:30:00", "title": "CVE-2009-0946", "type": "cve", "enchantments": {"score": {"modified": "2017-09-29T14:26:32", "vector": "NONE", "value": 7.5}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10149", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-0946"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10149", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10149"}], "modified": "2017-09-28T21:34:06", "cpe": ["cpe:/a:freetype:freetype:2.3.4", "cpe:/a:freetype:freetype:2.0.6", "cpe:/a:freetype:freetype:2.1", "cpe:/a:freetype:freetype:2.0.9", "cpe:/a:freetype:freetype:2.2.1", "cpe:/a:freetype:freetype:2.1.9", "cpe:/a:freetype:freetype:2.1.4", "cpe:/a:freetype:freetype:2.3.5", "cpe:/a:freetype:freetype:2.2", "cpe:/a:freetype:freetype:2.1.6", "cpe:/a:freetype:freetype:2.1.8", "cpe:/a:freetype:freetype:2.1.5", "cpe:/a:freetype:freetype:2.3.3", "cpe:/a:freetype:freetype:2.3.9", "cpe:/a:freetype:freetype:2.1.10", "cpe:/a:freetype:freetype:2.1.8_rc1", "cpe:/a:freetype:freetype:1.3.1", "cpe:/a:freetype:freetype:2.1.3", "cpe:/a:freetype:freetype:2.2.10", "cpe:/a:freetype:freetype:2.1.7"], "id": "CVE-2009-0946", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0946", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2017-10-29T13:43:13", "references": [], "pluginID": "38684", "description": "Freetype was updated to fix some integer overflows that can be exploited remotely in conjunction with programs like a web-browser.\n(CVE-2009-0946) Thanks to Tavis Ormandy who found the bugs.", "edition": 2, "reporter": "Tenable", "published": "2009-05-05T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "type": "nessus", "title": "openSUSE 10 Security Update : freetype2 (freetype2-6185)", "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "cpe": ["cpe:/o:novell:opensuse:10.3", "p-cpe:/a:novell:opensuse:freetype2-devel-32bit", "p-cpe:/a:novell:opensuse:freetype2-32bit", "p-cpe:/a:novell:opensuse:freetype2-devel", "p-cpe:/a:novell:opensuse:freetype2"], "modified": "2014-06-13T00:00:00", "id": "SUSE_FREETYPE2-6185.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38684", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update freetype2-6185.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38684);\n script_version (\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:11:34 $\");\n\n script_cve_id(\"CVE-2009-0946\");\n\n script_name(english:\"openSUSE 10 Security Update : freetype2 (freetype2-6185)\");\n script_summary(english:\"Check for the freetype2-6185 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Freetype was updated to fix some integer overflows that can be\nexploited remotely in conjunction with programs like a web-browser.\n(CVE-2009-0946) Thanks to Tavis Ormandy who found the bugs.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected freetype2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:freetype2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:freetype2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:freetype2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:freetype2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"freetype2-2.3.5-18.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"freetype2-devel-2.3.5-18.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"freetype2-32bit-2.3.5-18.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"freetype2-devel-32bit-2.3.5-18.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"freetype2 / freetype2-32bit / freetype2-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:35:59", "references": ["http://lists.centos.org/pipermail/centos-announce/2009-May/015893.html", "http://lists.centos.org/pipermail/centos-announce/2009-May/015894.html"], "pluginID": "43752", "edition": 2, "description": "Updated freetype packages that fix various security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nFreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. These packages provide the FreeType 2 font engine.\n\nTavis Ormandy of the Google Security Team discovered several integer overflow flaws in the FreeType 2 font engine. If a user loaded a carefully-crafted font file with an application linked against FreeType 2, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2009-0946)\n\nUsers are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. The X server must be restarted (log out, then log back in) for this update to take effect.", "reporter": "Tenable", "published": "2010-01-06T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "nessus", "title": "CentOS 5 : freetype (CESA-2009:1061)", "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "cpe": ["p-cpe:/a:centos:centos:freetype", "p-cpe:/a:centos:centos:freetype-demos", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:freetype-devel"], "modified": "2013-06-28T00:00:00", "id": "CENTOS_RHSA-2009-1061.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=43752", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1061 and \n# CentOS Errata and Security Advisory 2009:1061 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(43752);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2013/06/28 23:49:39 $\");\n\n script_cve_id(\"CVE-2009-0946\");\n script_xref(name:\"RHSA\", value:\"2009:1061\");\n\n script_name(english:\"CentOS 5 : freetype (CESA-2009:1061)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated freetype packages that fix various security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nFreeType is a free, high-quality, portable font engine that can open\nand manage font files. It also loads, hints, and renders individual\nglyphs efficiently. These packages provide the FreeType 2 font engine.\n\nTavis Ormandy of the Google Security Team discovered several integer\noverflow flaws in the FreeType 2 font engine. If a user loaded a\ncarefully-crafted font file with an application linked against\nFreeType 2, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication. (CVE-2009-0946)\n\nUsers are advised to upgrade to these updated packages, which contain\na backported patch to correct these issues. The X server must be\nrestarted (log out, then log back in) for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.centos.org/pipermail/centos-announce/2009-May/015893.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.centos.org/pipermail/centos-announce/2009-May/015894.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected freetype packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:freetype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:freetype-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:freetype-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"freetype-2.2.1-21.el5_3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"freetype-demos-2.2.1-21.el5_3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"freetype-devel-2.2.1-21.el5_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:45:25", "references": ["http://support.novell.com/security/cve/CVE-2009-0946.html"], "pluginID": "41294", "edition": 2, "description": "Freetype was updated to fix some integer overflows that can be exploited remotely in conjunction with programs like a web-browser.\n(CVE-2009-0946) Thanks to Tavis Ormandy who found the bugs.", "reporter": "Tenable", "published": "2009-09-24T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "nessus", "title": "SuSE9 Security Update : freetype2 (YOU Patch Number 12398)", "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "cpe": ["cpe:/o:suse:suse_linux"], "modified": "2012-04-23T00:00:00", "id": "SUSE9_12398.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=41294", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41294);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2012/04/23 18:14:43 $\");\n\n script_cve_id(\"CVE-2009-0946\");\n\n script_name(english:\"SuSE9 Security Update : freetype2 (YOU Patch Number 12398)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Freetype was updated to fix some integer overflows that can be\nexploited remotely in conjunction with programs like a web-browser.\n(CVE-2009-0946) Thanks to Tavis Ormandy who found the bugs.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0946.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12398.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"freetype2-2.1.7-53.21\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"freetype2-devel-2.1.7-53.21\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"freetype2-32bit-9-200904162346\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"freetype2-devel-32bit-9-200904162346\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:42:22", "references": ["http://www.debian.org/security/2009/dsa-1784"], "pluginID": "38656", "description": "Tavis Ormandy discovered several integer overflows in FreeType, a library to process and access font files, resulting in heap- or stack-based buffer overflows leading to application crashes or the execution of arbitrary code via a crafted font file.", "edition": 2, "reporter": "Tenable", "published": "2009-05-01T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "nessus", "title": "Debian DSA-1784-1 : freetype - integer overflows", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:freetype", "cpe:/o:debian:debian_linux:5.0"], "modified": "2013-05-17T00:00:00", "id": "DEBIAN_DSA-1784.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38656", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1784. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38656);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2013/05/17 23:49:56 $\");\n\n script_cve_id(\"CVE-2009-0946\");\n script_xref(name:\"DSA\", value:\"1784\");\n\n script_name(english:\"Debian DSA-1784-1 : freetype - integer overflows\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tavis Ormandy discovered several integer overflows in FreeType, a\nlibrary to process and access font files, resulting in heap- or\nstack-based buffer overflows leading to application crashes or the\nexecution of arbitrary code via a crafted font file.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2009/dsa-1784\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the freetype packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.2.1-5+etch4.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 2.3.7-2+lenny1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:freetype\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"freetype2-demos\", reference:\"2.2.1-5+etch4\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libfreetype6\", reference:\"2.2.1-5+etch4\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libfreetype6-dev\", reference:\"2.2.1-5+etch4\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"freetype2-demos\", reference:\"2.3.7-2+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libfreetype6\", reference:\"2.3.7-2+lenny1\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libfreetype6-dev\", reference:\"2.3.7-2+lenny1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:39:25", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=485889"], "pluginID": "40217", "description": "Freetype was updated to fix some integer overflows that can be exploited remotely in conjunction with programs like a web-browser.\n(CVE-2009-0946) Thanks to Tavis Ormandy who found the bugs.", "edition": 2, "reporter": "Tenable", "published": "2009-07-21T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "type": "nessus", "title": "openSUSE Security Update : freetype2 (freetype2-794)", "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "cpe": ["p-cpe:/a:novell:opensuse:freetype2-devel-32bit", "cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:freetype2-32bit", "p-cpe:/a:novell:opensuse:freetype2-devel", "p-cpe:/a:novell:opensuse:freetype2"], "modified": "2014-06-13T00:00:00", "id": "SUSE_11_1_FREETYPE2-090416.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=40217", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update freetype2-794.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40217);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/06/13 19:49:34 $\");\n\n script_cve_id(\"CVE-2009-0946\");\n\n script_name(english:\"openSUSE Security Update : freetype2 (freetype2-794)\");\n script_summary(english:\"Check for the freetype2-794 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Freetype was updated to fix some integer overflows that can be\nexploited remotely in conjunction with programs like a web-browser.\n(CVE-2009-0946) Thanks to Tavis Ormandy who found the bugs.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=485889\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected freetype2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:freetype2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:freetype2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:freetype2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:freetype2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"freetype2-2.3.7-24.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"freetype2-devel-2.3.7-24.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"freetype2-32bit-2.3.7-24.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"freetype2-devel-32bit-2.3.7-24.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"freetype2 / freetype2-32bit / freetype2-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:34:29", "references": ["http://www.nessus.org/u?6624e33f"], "pluginID": "36191", "edition": 2, "description": "Secunia reports :\n\nSome vulnerabilities have been reported in FreeType, which can be exploited by malicious people to potentially compromise an application using the library.\n\nAn integer overflow error within the 'cff_charset_compute_cids()' function in cff/cffload.c can be exploited to potentially cause a heap-based buffer overflow via a specially crafted font.\n\nMultiple integer overflow errors within validation functions in sfnt/ttcmap.c can be exploited to bypass length validations and potentially cause buffer overflows via specially crafted fonts.\n\nAn integer overflow error within the 'ft_smooth_render_generic()' function in smooth/ftsmooth.c can be exploited to potentially cause a heap-based buffer overflow via a specially crafted font.", "reporter": "Tenable", "published": "2009-04-21T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "nessus", "title": "FreeBSD : freetype2 -- multiple vulnerabilities (20b4f284-2bfc-11de-bdeb-0030843d3802)", "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:freetype2"], "modified": "2013-06-21T00:00:00", "id": "FREEBSD_PKG_20B4F2842BFC11DEBDEB0030843D3802.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=36191", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36191);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2013/06/21 23:48:17 $\");\n\n script_cve_id(\"CVE-2009-0946\");\n script_xref(name:\"Secunia\", value:\"34723\");\n\n script_name(english:\"FreeBSD : freetype2 -- multiple vulnerabilities (20b4f284-2bfc-11de-bdeb-0030843d3802)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Secunia reports :\n\nSome vulnerabilities have been reported in FreeType, which can be\nexploited by malicious people to potentially compromise an application\nusing the library.\n\nAn integer overflow error within the 'cff_charset_compute_cids()'\nfunction in cff/cffload.c can be exploited to potentially cause a\nheap-based buffer overflow via a specially crafted font.\n\nMultiple integer overflow errors within validation functions in\nsfnt/ttcmap.c can be exploited to bypass length validations and\npotentially cause buffer overflows via specially crafted fonts.\n\nAn integer overflow error within the 'ft_smooth_render_generic()'\nfunction in smooth/ftsmooth.c can be exploited to potentially cause a\nheap-based buffer overflow via a specially crafted font.\"\n );\n # http://www.freebsd.org/ports/portaudit/20b4f284-2bfc-11de-bdeb-0030843d3802.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6624e33f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:freetype2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"freetype2<2.3.9_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:41:42", "references": ["https://oss.oracle.com/pipermail/el-errata/2009-May/001009.html"], "pluginID": "67864", "description": "From Red Hat Security Advisory 2009:1061 :\n\nUpdated freetype packages that fix various security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nFreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. These packages provide the FreeType 2 font engine.\n\nTavis Ormandy of the Google Security Team discovered several integer overflow flaws in the FreeType 2 font engine. If a user loaded a carefully-crafted font file with an application linked against FreeType 2, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2009-0946)\n\nUsers are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. The X server must be restarted (log out, then log back in) for this update to take effect.", "edition": 2, "reporter": "Tenable", "published": "2013-07-12T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "nessus", "title": "Oracle Linux 5 : freetype (ELSA-2009-1061)", "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "cpe": ["p-cpe:/a:oracle:linux:freetype-demos", "p-cpe:/a:oracle:linux:freetype-devel", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:freetype"], "modified": "2015-12-01T00:00:00", "id": "ORACLELINUX_ELSA-2009-1061.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=67864", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1061 and \n# Oracle Linux Security Advisory ELSA-2009-1061 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67864);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/12/01 16:41:03 $\");\n\n script_cve_id(\"CVE-2009-0946\");\n script_xref(name:\"RHSA\", value:\"2009:1061\");\n\n script_name(english:\"Oracle Linux 5 : freetype (ELSA-2009-1061)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1061 :\n\nUpdated freetype packages that fix various security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nFreeType is a free, high-quality, portable font engine that can open\nand manage font files. It also loads, hints, and renders individual\nglyphs efficiently. These packages provide the FreeType 2 font engine.\n\nTavis Ormandy of the Google Security Team discovered several integer\noverflow flaws in the FreeType 2 font engine. If a user loaded a\ncarefully-crafted font file with an application linked against\nFreeType 2, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication. (CVE-2009-0946)\n\nUsers are advised to upgrade to these updated packages, which contain\na backported patch to correct these issues. The X server must be\nrestarted (log out, then log back in) for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-May/001009.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected freetype packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:freetype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:freetype-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:freetype-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"freetype-2.2.1-21.el5_3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"freetype-demos-2.2.1-21.el5_3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"freetype-devel-2.2.1-21.el5_3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"freetype / freetype-demos / freetype-devel\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-11T09:16:56", "references": ["https://security.gentoo.org/glsa/200905-05"], "pluginID": "38886", "description": "The remote host is affected by the vulnerability described in GLSA-200905-05 (FreeType: Multiple vulnerabilities)\n\n Tavis Ormandy reported multiple integer overflows in the cff_charset_compute_cids() function in cff/cffload.c, sfnt/tccmap.c and the ft_smooth_render_generic() function in smooth/ftsmooth.c, possibly leading to heap or stack-based buffer overflows.\n Impact :\n\n A remote attacker could entice a user or automated system to open a specially crafted font file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service.\n Workaround :\n\n There is no known workaround at this time.", "edition": 3, "reporter": "Tenable", "published": "2009-05-26T00:00:00", "title": "GLSA-200905-05 : FreeType: Multiple vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "modified": "2018-08-10T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:freetype", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200905-05.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38886", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200905-05.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38886);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/08/10 18:07:07\");\n\n script_cve_id(\"CVE-2009-0946\");\n script_xref(name:\"GLSA\", value:\"200905-05\");\n\n script_name(english:\"GLSA-200905-05 : FreeType: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200905-05\n(FreeType: Multiple vulnerabilities)\n\n Tavis Ormandy reported multiple integer overflows in the\n cff_charset_compute_cids() function in cff/cffload.c, sfnt/tccmap.c and\n the ft_smooth_render_generic() function in smooth/ftsmooth.c, possibly\n leading to heap or stack-based buffer overflows.\n \nImpact :\n\n A remote attacker could entice a user or automated system to open a\n specially crafted font file, possibly resulting in the execution of\n arbitrary code with the privileges of the user running the application,\n or a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200905-05\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All FreeType users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-libs/freetype-2.3.9-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:freetype\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-libs/freetype\", unaffected:make_list(\"ge 2.3.9-r1\", \"lt 2.0\"), vulnerable:make_list(\"lt 2.3.9-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"FreeType\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:38:30", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=485889"], "pluginID": "39965", "description": "Freetype was updated to fix some integer overflows that can be exploited remotely in conjunction with programs like a web-browser.\n(CVE-2009-0946) Thanks to Tavis Ormandy who found the bugs.", "edition": 2, "reporter": "Tenable", "published": "2009-07-21T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "type": "nessus", "title": "openSUSE Security Update : freetype2 (freetype2-794)", "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "cpe": ["p-cpe:/a:novell:opensuse:freetype2-devel-32bit", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:freetype2-32bit", "p-cpe:/a:novell:opensuse:freetype2-devel", "p-cpe:/a:novell:opensuse:freetype2"], "modified": "2014-06-13T00:00:00", "id": "SUSE_11_0_FREETYPE2-090417.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=39965", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update freetype2-794.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(39965);\n script_version(\"$Revision: 1.8 $\");\n script_cvs_date(\"$Date: 2014/06/13 19:38:12 $\");\n\n script_cve_id(\"CVE-2009-0946\");\n\n script_name(english:\"openSUSE Security Update : freetype2 (freetype2-794)\");\n script_summary(english:\"Check for the freetype2-794 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Freetype was updated to fix some integer overflows that can be\nexploited remotely in conjunction with programs like a web-browser.\n(CVE-2009-0946) Thanks to Tavis Ormandy who found the bugs.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=485889\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected freetype2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:freetype2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:freetype2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:freetype2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:freetype2-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"freetype2-2.3.5-62.5\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"freetype2-devel-2.3.5-62.5\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"freetype2-32bit-2.3.5-62.5\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"freetype2-devel-32bit-2.3.5-62.5\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"freetype2 / freetype2-32bit / freetype2-devel / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-29T13:41:24", "references": ["https://www.redhat.com/security/data/cve/CVE-2009-0946.html", "http://rhn.redhat.com/errata/RHSA-2009-1061.html"], "pluginID": "38873", "edition": 3, "description": "Updated freetype packages that fix various security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nFreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. These packages provide the FreeType 2 font engine.\n\nTavis Ormandy of the Google Security Team discovered several integer overflow flaws in the FreeType 2 font engine. If a user loaded a carefully-crafted font file with an application linked against FreeType 2, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2009-0946)\n\nUsers are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. The X server must be restarted (log out, then log back in) for this update to take effect.", "reporter": "Tenable", "published": "2009-05-23T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "nessus", "title": "RHEL 5 : freetype (RHSA-2009:1061)", "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "cpe": ["cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3", "p-cpe:/a:redhat:enterprise_linux:freetype-demos", "p-cpe:/a:redhat:enterprise_linux:freetype", "p-cpe:/a:redhat:enterprise_linux:freetype-devel"], "modified": "2017-01-03T00:00:00", "id": "REDHAT-RHSA-2009-1061.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=38873", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1061. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(38873);\n script_version (\"$Revision: 1.16 $\");\n script_cvs_date(\"$Date: 2017/01/03 17:27:01 $\");\n\n script_cve_id(\"CVE-2009-0946\");\n script_xref(name:\"RHSA\", value:\"2009:1061\");\n\n script_name(english:\"RHEL 5 : freetype (RHSA-2009:1061)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated freetype packages that fix various security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nFreeType is a free, high-quality, portable font engine that can open\nand manage font files. It also loads, hints, and renders individual\nglyphs efficiently. These packages provide the FreeType 2 font engine.\n\nTavis Ormandy of the Google Security Team discovered several integer\noverflow flaws in the FreeType 2 font engine. If a user loaded a\ncarefully-crafted font file with an application linked against\nFreeType 2, it could cause the application to crash or, possibly,\nexecute arbitrary code with the privileges of the user running the\napplication. (CVE-2009-0946)\n\nUsers are advised to upgrade to these updated packages, which contain\na backported patch to correct these issues. The X server must be\nrestarted (log out, then log back in) for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-0946.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2009-1061.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected freetype, freetype-demos and / or freetype-devel\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:freetype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:freetype-demos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:freetype-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2017 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1061\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"freetype-2.2.1-21.el5_3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"freetype-demos-2.2.1-21.el5_3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"freetype-demos-2.2.1-21.el5_3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"freetype-demos-2.2.1-21.el5_3\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"freetype-devel-2.2.1-21.el5_3\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"freetype / freetype-demos / freetype-devel\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-25T10:56:16", "references": [], "pluginID": "64053", "description": "The remote host is missing updates to freetype announced in\nadvisory CESA-2009:1061.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-05-25T00:00:00", "title": "CentOS Security Advisory CESA-2009:1061 (freetype)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64053", "id": "OPENVAS:64053", "sourceData": "#CESA-2009:1061 64053 2\n# $Id: ovcesa2009_1061.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1061 (freetype)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1061\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1061\nhttps://rhn.redhat.com/errata/RHSA-2009-1061.html\";\ntag_summary = \"The remote host is missing updates to freetype announced in\nadvisory CESA-2009:1061.\";\n\n\n\nif(description)\n{\n script_id(64053);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-0946\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1061 (freetype)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"freetype\", rpm:\"freetype~2.2.1~21.el5_3\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype-demos\", rpm:\"freetype-demos~2.2.1~21.el5_3\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype-devel\", rpm:\"freetype-devel~2.2.1~21.el5_3\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:50", "references": [], "pluginID": "66421", "description": "The remote host is missing an update to freetype2\nannounced via advisory MDVSA-2009:243-2.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-12-10T00:00:00", "title": "Mandriva Security Advisory MDVSA-2009:243-2 (freetype2)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66421", "id": "OPENVAS:66421", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_243_2.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:243-2 (freetype2)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple integer overflows in FreeType 2.3.9 and earlier allow remote\nattackers to execute arbitrary code via vectors related to large\nvalues in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c,\nand (3) cff/cffload.c.\n\nThis update corrects the problem.\n\nUpdate:\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:243-2\";\ntag_summary = \"The remote host is missing an update to freetype2\nannounced via advisory MDVSA-2009:243-2.\";\n\n \n\nif(description)\n{\n script_id(66421);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-0946\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:243-2 (freetype2)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libfreetype6\", rpm:\"libfreetype6~2.3.5~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6-devel\", rpm:\"libfreetype6-devel~2.3.5~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6-static-devel\", rpm:\"libfreetype6-static-devel~2.3.5~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6\", rpm:\"lib64freetype6~2.3.5~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6-devel\", rpm:\"lib64freetype6-devel~2.3.5~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6-static-devel\", rpm:\"lib64freetype6-static-devel~2.3.5~2.2mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:26", "references": [], "pluginID": "136141256231063862", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-04-20T00:00:00", "type": "openvas", "title": "FreeBSD Ports: freetype2", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063862", "id": "OPENVAS:136141256231063862", "sourceData": "#\n#VID 20b4f284-2bfc-11de-bdeb-0030843d3802\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 20b4f284-2bfc-11de-bdeb-0030843d3802\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: freetype2\n\nCVE-2009-0946\nMultiple integer overflows in FreeType 2.3.9 and earlier allow remote\nattackers to execute arbitrary code via vectors related to large\nvalues in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c,\nand (3) cff/cffload.c.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://secunia.com/advisories/34723/\nhttp://www.vuxml.org/freebsd/20b4f284-2bfc-11de-bdeb-0030843d3802.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63862\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-20 23:45:17 +0200 (Mon, 20 Apr 2009)\");\n script_cve_id(\"CVE-2009-0946\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: freetype2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"freetype2\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.3.9_1\")<0) {\n txt += 'Package freetype2 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:55", "references": ["http://www.redhat.com/security/updates/classification/#important", "http://rhn.redhat.com/errata/RHSA-2009-1061.html"], "pluginID": "136141256231064021", "description": "The remote host is missing updates to FreeType announced in\nadvisory RHSA-2009:1061.\n\nTavis Ormandy of the Google Security Team discovered several integer\noverflow flaws in the FreeType 2 font engine. If a user loaded a\ncarefully-crafted font file with an application linked against FreeType 2,\nit could cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2009-0946)\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to correct these issues. The X server must be restarted\n(log out, then log back in) for this update to take effect.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-05-25T00:00:00", "title": "RedHat Security Advisory RHSA-2009:1061", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064021", "id": "OPENVAS:136141256231064021", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1061.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1061 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to FreeType announced in\nadvisory RHSA-2009:1061.\n\nTavis Ormandy of the Google Security Team discovered several integer\noverflow flaws in the FreeType 2 font engine. If a user loaded a\ncarefully-crafted font file with an application linked against FreeType 2,\nit could cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2009-0946)\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to correct these issues. The X server must be restarted\n(log out, then log back in) for this update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64021\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-0946\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1061\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1061.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"freetype\", rpm:\"freetype~2.2.1~21.el5_3\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype-debuginfo\", rpm:\"freetype-debuginfo~2.2.1~21.el5_3\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype-demos\", rpm:\"freetype-demos~2.2.1~21.el5_3\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype-devel\", rpm:\"freetype-devel~2.2.1~21.el5_3\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:08", "references": [], "pluginID": "64954", "description": "The remote host is missing an update to freetype2\nannounced via advisory MDVSA-2009:243.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-09-28T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Mandrake Security Advisory MDVSA-2009:243 (freetype2)", "type": "openvas", "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=64954", "id": "OPENVAS:64954", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_243.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:243 (freetype2)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple integer overflows in FreeType 2.3.9 and earlier allow remote\nattackers to execute arbitrary code via vectors related to large\nvalues in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c,\nand (3) cff/cffload.c.\n\nThis update corrects the problem.\n\nAffected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,\n Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:243\";\ntag_summary = \"The remote host is missing an update to freetype2\nannounced via advisory MDVSA-2009:243.\";\n\n \n\nif(description)\n{\n script_id(64954);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-28 19:09:13 +0200 (Mon, 28 Sep 2009)\");\n script_cve_id(\"CVE-2009-0946\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:243 (freetype2)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libfreetype6\", rpm:\"libfreetype6~2.3.5~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6-devel\", rpm:\"libfreetype6-devel~2.3.5~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6-static-devel\", rpm:\"libfreetype6-static-devel~2.3.5~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6\", rpm:\"lib64freetype6~2.3.5~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6-devel\", rpm:\"lib64freetype6-devel~2.3.5~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6-static-devel\", rpm:\"lib64freetype6-static-devel~2.3.5~2.2mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6\", rpm:\"libfreetype6~2.3.7~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6-devel\", rpm:\"libfreetype6-devel~2.3.7~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6-static-devel\", rpm:\"libfreetype6-static-devel~2.3.7~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6\", rpm:\"lib64freetype6~2.3.7~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6-devel\", rpm:\"lib64freetype6-devel~2.3.7~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6-static-devel\", rpm:\"lib64freetype6-static-devel~2.3.7~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6\", rpm:\"libfreetype6~2.3.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6-devel\", rpm:\"libfreetype6-devel~2.3.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6-static-devel\", rpm:\"libfreetype6-static-devel~2.3.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6\", rpm:\"lib64freetype6~2.3.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6-devel\", rpm:\"lib64freetype6-devel~2.3.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6-static-devel\", rpm:\"lib64freetype6-static-devel~2.3.9~1.1mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6\", rpm:\"libfreetype6~2.1.7~4.1mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6-devel\", rpm:\"libfreetype6-devel~2.1.7~4.1mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6-static-devel\", rpm:\"libfreetype6-static-devel~2.1.7~4.1mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6\", rpm:\"lib64freetype6~2.1.7~4.1mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6-devel\", rpm:\"lib64freetype6-devel~2.1.7~4.1mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6-static-devel\", rpm:\"lib64freetype6-static-devel~2.1.7~4.1mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6\", rpm:\"libfreetype6~2.1.10~9.5.20060mdk\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6-devel\", rpm:\"libfreetype6-devel~2.1.10~9.5.20060mdk\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6-static-devel\", rpm:\"libfreetype6-static-devel~2.1.10~9.5.20060mdk\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6\", rpm:\"lib64freetype6~2.1.10~9.5.20060mdk\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6-devel\", rpm:\"lib64freetype6-devel~2.1.10~9.5.20060mdk\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6-static-devel\", rpm:\"lib64freetype6-static-devel~2.1.10~9.5.20060mdk\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6\", rpm:\"libfreetype6~2.3.7~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6-devel\", rpm:\"libfreetype6-devel~2.3.7~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfreetype6-static-devel\", rpm:\"libfreetype6-static-devel~2.3.7~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6\", rpm:\"lib64freetype6~2.3.7~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6-devel\", rpm:\"lib64freetype6-devel~2.3.7~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64freetype6-static-devel\", rpm:\"lib64freetype6-static-devel~2.3.7~1.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:13", "references": [], "pluginID": "65100", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n freetype2\n freetype2-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5048794 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-10-10T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "SLES9: Security update for freetype2", "type": "openvas", "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "modified": "2017-07-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=65100", "id": "OPENVAS:65100", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5048794.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for freetype2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n freetype2\n freetype2-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5048794 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65100);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2009-0946\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for freetype2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"freetype2\", rpm:\"freetype2~2.1.7~53.21\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:55:59", "references": [], "pluginID": "63936", "description": "The remote host is missing an update to freetype\nannounced via advisory DSA 1784-1.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-05-05T00:00:00", "title": "Debian Security Advisory DSA 1784-1 (freetype)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63936", "id": "OPENVAS:63936", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1784_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1784-1 (freetype)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tavis Ormandy discovered several integer overflows in FreeType, a library\nto process and access font files, resulting in heap- or stack-based\nbuffer overflows leading to application crashes or the execution\nof arbitrary code via a crafted font file.\n\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.2.1-5+etch4.\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 2.3.7-2+lenny1.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.3.9-4.1.\n\n\nWe recommend that you upgrade your freetype packages.\";\ntag_summary = \"The remote host is missing an update to freetype\nannounced via advisory DSA 1784-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201784-1\";\n\n\nif(description)\n{\n script_id(63936);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 16:00:35 +0200 (Tue, 05 May 2009)\");\n script_cve_id(\"CVE-2009-0946\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1784-1 (freetype)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libfreetype6\", ver:\"2.2.1-5+etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libfreetype6-dev\", ver:\"2.2.1-5+etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"freetype2-demos\", ver:\"2.2.1-5+etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libfreetype6\", ver:\"2.3.7-2+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libfreetype6-dev\", ver:\"2.3.7-2+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"freetype2-demos\", ver:\"2.3.7-2+lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:51", "references": [], "pluginID": "136141256231064053", "description": "The remote host is missing updates to freetype announced in\nadvisory CESA-2009:1061.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-05-25T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1061 (freetype)", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064053", "id": "OPENVAS:136141256231064053", "sourceData": "#CESA-2009:1061 64053 2\n# $Id: ovcesa2009_1061.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1061 (freetype)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1061\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1061\nhttps://rhn.redhat.com/errata/RHSA-2009-1061.html\";\ntag_summary = \"The remote host is missing updates to freetype announced in\nadvisory CESA-2009:1061.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64053\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-0946\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1061 (freetype)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"freetype\", rpm:\"freetype~2.2.1~21.el5_3\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype-demos\", rpm:\"freetype-demos~2.2.1~21.el5_3\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype-devel\", rpm:\"freetype-devel~2.2.1~21.el5_3\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:37", "references": [], "pluginID": "136141256231065770", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n freetype2\n freetype2-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for freetype2", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065770", "id": "OPENVAS:136141256231065770", "sourceData": "#\n#VID slesp2-freetype2-6181\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for freetype2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n freetype2\n freetype2-devel\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65770\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-0946\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for freetype2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"freetype2\", rpm:\"freetype2~2.1.10~18.20\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"freetype2-devel\", rpm:\"freetype2-devel~2.1.10~18.20\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:19", "references": [], "pluginID": "136141256231065100", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n freetype2\n freetype2-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5048794 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-10-10T00:00:00", "title": "SLES9: Security update for freetype2", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0946"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065100", "id": "OPENVAS:136141256231065100", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5048794.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for freetype2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n freetype2\n freetype2-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5048794 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65100\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2009-0946\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for freetype2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"freetype2\", rpm:\"freetype2~2.1.7~53.21\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:24:56", "references": ["https://rhn.redhat.com/errata/RHSA-2009-1061.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "x86_64", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.2.1-21.el5_3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "i386", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.2.1-21.el5_3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "i386", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.2.1-21.el5_3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "i386", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.2.1-21.el5_3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "x86_64", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.2.1-21.el5_3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "any", "packageName": "freetype", "packageFilename": "freetype-2.2.1-21.el5_3.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "any", "packageName": "freetype", "packageFilename": "freetype-2.2.1-21.el5_3.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "x86_64", "packageName": "freetype", "packageFilename": "freetype-2.2.1-21.el5_3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "i386", "packageName": "freetype", "packageFilename": "freetype-2.2.1-21.el5_3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "i386", "packageName": "freetype", "packageFilename": "freetype-2.2.1-21.el5_3.i386.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1061\n\n\nFreeType is a free, high-quality, portable font engine that can open and\nmanage font files. It also loads, hints, and renders individual glyphs\nefficiently. These packages provide the FreeType 2 font engine.\n\nTavis Ormandy of the Google Security Team discovered several integer\noverflow flaws in the FreeType 2 font engine. If a user loaded a\ncarefully-crafted font file with an application linked against FreeType 2,\nit could cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2009-0946)\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to correct these issues. The X server must be restarted\n(log out, then log back in) for this update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015893.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015894.html\n\n**Affected packages:**\nfreetype\nfreetype-demos\nfreetype-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1061.html", "edition": 1, "reporter": "CentOS Project", "published": "2009-05-22T22:25:29", "title": "freetype security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0946"], "modified": "2009-05-22T22:25:29", "href": "http://lists.centos.org/pipermail/centos-announce/2009-May/015893.html", "id": "CESA-2009:1061", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:24:49", "references": ["https://rhn.redhat.com/errata/RHSA-2009-0329.html", "http://pasi.pirhonen.eu/", "http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.1.9-10.el4.7.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390x", "packageName": "freetype-utils", "packageFilename": "freetype-utils-2.1.9-10.el4.7.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "s390", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.1.4-12.el3.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "x86_64", "packageName": "freetype-utils", "packageFilename": "freetype-utils-2.1.4-12.el3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ia64", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.1.9-10.el4.7.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ia64", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.1.9-10.el4.7.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ia64", "packageName": "freetype-utils", "packageFilename": "freetype-utils-2.1.9-10.el4.7.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "ia64", "packageName": "freetype", "packageFilename": "freetype-2.1.4-12.el3.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390x", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.1.9-10.el4.7.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "s390x", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.1.4-12.el3.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "any", "packageName": "freetype", "packageFilename": "freetype-2.1.4-12.el3.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "any", "packageName": "freetype", "packageFilename": "freetype-2.1.4-12.el3.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390x", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.1.9-10.el4.7.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390", "packageName": "freetype", "packageFilename": "freetype-2.1.9-10.el4.7.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.1.9-10.el4.7.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "x86_64", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.1.4-12.el3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ia64", "packageName": "freetype", "packageFilename": "freetype-2.1.9-10.el4.7.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390x", "packageName": "freetype", "packageFilename": "freetype-2.1.9-10.el4.7.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "ia64", "packageName": "freetype-utils", "packageFilename": "freetype-utils-2.1.4-12.el3.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "s390x", "packageName": "freetype", "packageFilename": "freetype-2.1.4-12.el3.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "s390", "packageName": "freetype", "packageFilename": "freetype-2.1.4-12.el3.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "i386", "packageName": "freetype-utils", "packageFilename": "freetype-utils-2.1.4-12.el3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "x86_64", "packageName": "freetype", "packageFilename": "freetype-2.1.4-12.el3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "s390", "packageName": "freetype-utils", "packageFilename": "freetype-utils-2.1.4-12.el3.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "ia64", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.1.4-12.el3.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "i386", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.1.4-12.el3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "i386", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.1.4-12.el3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "x86_64", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.1.4-12.el3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "s390", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.1.4-12.el3.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390", "packageName": "freetype-utils", "packageFilename": "freetype-utils-2.1.9-10.el4.7.s390.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "i386", "packageName": "freetype", "packageFilename": "freetype-2.1.4-12.el3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "i386", "packageName": "freetype", "packageFilename": "freetype-2.1.4-12.el3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "ia64", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.1.4-12.el3.ia64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "s390x", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.1.4-12.el3.s390x.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "s390x", "packageName": "freetype-utils", "packageFilename": "freetype-utils-2.1.4-12.el3.s390x.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:0329\n\n\nFreeType is a free, high-quality, portable font engine that can open and\nmanage font files. It also loads, hints, and renders individual glyphs\nefficiently. These packages provide both the FreeType 1 and FreeType 2\nfont engines.\n\nTavis Ormandy of the Google Security Team discovered several integer\noverflow flaws in the FreeType 2 font engine. If a user loaded a\ncarefully-crafted font file with an application linked against FreeType 2,\nit could cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2009-0946)\n\nChris Evans discovered multiple integer overflow flaws in the FreeType font\nengine. If a user loaded a carefully-crafted font file with an application\nlinked against FreeType, it could cause the application to crash or,\npossibly, execute arbitrary code with the privileges of the user running\nthe application. (CVE-2006-1861)\n\nAn integer overflow flaw was found in the way the FreeType font engine\nprocessed TrueType\u00ae Font (TTF) files. If a user loaded a carefully-crafted\nfont file with an application linked against FreeType, it could cause the\napplication to crash or, possibly, execute arbitrary code with the\nprivileges of the user running the application. (CVE-2007-2754)\n\nA flaw was discovered in the FreeType TTF font-file format parser when the\nTrueType virtual machine Byte Code Interpreter (BCI) is enabled. If a user\nloaded a carefully-crafted font file with an application linked against\nFreeType, it could cause the application to crash or, possibly, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2008-1808)\n\nThe CVE-2008-1808 flaw did not affect the freetype packages as distributed\nin Red Hat Enterprise Linux 3 and 4, as they are not compiled with TrueType\nBCI support. A fix for this flaw has been included in this update as users\nmay choose to recompile the freetype packages in order to enable TrueType\nBCI support. Red Hat does not, however, provide support for modified and\nrecompiled packages.\n\nNote: For the FreeType 2 font engine, the CVE-2006-1861, CVE-2007-2754,\nand CVE-2008-1808 flaws were addressed via RHSA-2006:0500, RHSA-2007:0403,\nand RHSA-2008:0556 respectively. This update provides corresponding\nupdates for the FreeType 1 font engine, included in the freetype packages\ndistributed in Red Hat Enterprise Linux 3 and 4.\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to correct these issues. The X server must be restarted\n(log out, then log back in) for this update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015887.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015888.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015932.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015934.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015936.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015939.html\n\n**Affected packages:**\nfreetype\nfreetype-demos\nfreetype-devel\nfreetype-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-0329.html", "edition": 1, "reporter": "CentOS Project", "published": "2009-05-22T15:02:05", "title": "freetype security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0946", "CVE-2008-1808", "CVE-2007-2754", "CVE-2006-1861"], "modified": "2009-05-25T21:21:29", "href": "http://lists.centos.org/pipermail/centos-announce/2009-May/015887.html", "id": "CESA-2009:0329", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2017-09-09T07:20:21", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "enchantments_done": [], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype", "packageFilename": "freetype-2.2.1-21.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype", "packageFilename": "freetype-2.2.1-21.el5_3.src.rpm", "arch": "src", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype", "packageFilename": "freetype-2.2.1-21.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.2.1-21.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype", "packageFilename": "freetype-2.2.1-21.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.2.1-21.el5_3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype", "packageFilename": "freetype-2.2.1-21.el5_3.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.2.1-21.el5_3.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.2.1-21.el5_3.s390.rpm", "arch": "s390", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype", "packageFilename": "freetype-2.2.1-21.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.2.1-21.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.2.1-21.el5_3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype", "packageFilename": "freetype-2.2.1-21.el5_3.s390.rpm", "arch": "s390", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.2.1-21.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.2.1-21.el5_3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.2.1-21.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.2.1-21.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype", "packageFilename": "freetype-2.2.1-21.el5_3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.2.1-21.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.2.1-21.el5_3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}], "description": "FreeType is a free, high-quality, portable font engine that can open and\nmanage font files. It also loads, hints, and renders individual glyphs\nefficiently. These packages provide the FreeType 2 font engine.\n\nTavis Ormandy of the Google Security Team discovered several integer\noverflow flaws in the FreeType 2 font engine. If a user loaded a\ncarefully-crafted font file with an application linked against FreeType 2,\nit could cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2009-0946)\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to correct these issues. The X server must be restarted\n(log out, then log back in) for this update to take effect.", "reporter": "RedHat", "published": "2009-05-22T04:00:00", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "redhat", "title": "(RHSA-2009:1061) Important: freetype security update", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0946"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:17:05", "id": "RHSA-2009:1061", "href": "https://access.redhat.com/errata/RHSA-2009:1061", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-14T15:44:10", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "2", "packageVersion": "2.0.3-17.el21", "arch": "i386", "packageFilename": "freetype-devel-2.0.3-17.el21.i386.rpm", "packageName": "freetype-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "2", "packageVersion": "2.0.3-17.el21", "arch": "i386", "packageFilename": "freetype-utils-2.0.3-17.el21.i386.rpm", "packageName": "freetype-utils", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "2", "packageVersion": "2.0.3-17.el21", "arch": "i386", "packageFilename": "freetype-2.0.3-17.el21.i386.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "2", "packageVersion": "2.0.3-17.el21", "arch": "ia64", "packageFilename": "freetype-devel-2.0.3-17.el21.ia64.rpm", "packageName": "freetype-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "2", "packageVersion": "2.0.3-17.el21", "arch": "ia64", "packageFilename": "freetype-utils-2.0.3-17.el21.ia64.rpm", "packageName": "freetype-utils", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "2", "packageVersion": "2.0.3-17.el21", "arch": "ia64", "packageFilename": "freetype-2.0.3-17.el21.ia64.rpm", "packageName": "freetype", "operator": "lt"}], "description": "FreeType is a free, high-quality, portable font engine that can open and\nmanage font files. It also loads, hints, and renders individual glyphs\nefficiently. These packages provide both the FreeType 1 and FreeType 2\nfont engines.\n\nTavis Ormandy of the Google Security Team discovered several integer\noverflow flaws in the FreeType 2 font engine. If a user loaded a\ncarefully-crafted font file with an application linked against FreeType 2,\nit could cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2009-0946)\n\nChris Evans discovered multiple integer overflow flaws in the FreeType font\nengine. If a user loaded a carefully-crafted font file with an application\nlinked against FreeType, it could cause the application to crash or,\npossibly, execute arbitrary code with the privileges of the user running\nthe application. (CVE-2006-1861)\n\nAn integer overflow flaw was found in the way the FreeType font engine\nprocessed TrueType\u00ae Font (TTF) files. If a user loaded a carefully-crafted\nfont file with an application linked against FreeType, it could cause the\napplication to crash or, possibly, execute arbitrary code with the\nprivileges of the user running the application. (CVE-2007-2754)\n\nNote: For the FreeType 2 font engine, the CVE-2006-1861 and CVE-2007-2754\nflaws were addressed via RHSA-2006:0500 and RHSA-2007:0403 respectively.\nThis update provides corresponding updates for the FreeType 1 font engine,\nincluded in the freetype packages distributed in Red Hat Enterprise Linux\n2.1.\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to correct these issues. The X server must be restarted\n(log out, then log back in) for this update to take effect.", "reporter": "RedHat", "published": "2009-05-22T04:00:00", "type": "redhat", "title": "(RHSA-2009:1062) Important: freetype security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2006-1861", "CVE-2007-2754", "CVE-2009-0946"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-03-14T19:26:35", "id": "RHSA-2009:1062", "href": "https://access.redhat.com/errata/RHSA-2009:1062", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-05-27T21:43:23", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "i386", "packageName": "freetype", "packageFilename": "freetype-2.1.9-10.el4.7.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "i386", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.1.9-10.el4.7.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "i386", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.1.9-10.el4.7.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "i386", "packageName": "freetype-utils", "packageFilename": "freetype-utils-2.1.9-10.el4.7.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "src", "packageName": "freetype", "packageFilename": "freetype-2.1.9-10.el4.7.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ia64", "packageName": "freetype-utils", "packageFilename": "freetype-utils-2.1.9-10.el4.7.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ia64", "packageName": "freetype", "packageFilename": "freetype-2.1.9-10.el4.7.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ia64", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.1.9-10.el4.7.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ia64", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.1.9-10.el4.7.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "x86_64", "packageName": "freetype-utils", "packageFilename": "freetype-utils-2.1.9-10.el4.7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "x86_64", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.1.9-10.el4.7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "x86_64", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.1.9-10.el4.7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "x86_64", "packageName": "freetype", "packageFilename": "freetype-2.1.9-10.el4.7.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ppc64", "packageName": "freetype", "packageFilename": "freetype-2.1.9-10.el4.7.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ppc", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.1.9-10.el4.7.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ppc", "packageName": "freetype-utils", "packageFilename": "freetype-utils-2.1.9-10.el4.7.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ppc", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.1.9-10.el4.7.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ppc", "packageName": "freetype", "packageFilename": "freetype-2.1.9-10.el4.7.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390", "packageName": "freetype", "packageFilename": "freetype-2.1.9-10.el4.7.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390", "packageName": "freetype-utils", "packageFilename": "freetype-utils-2.1.9-10.el4.7.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.1.9-10.el4.7.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.1.9-10.el4.7.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390x", "packageName": "freetype-demos", "packageFilename": "freetype-demos-2.1.9-10.el4.7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390x", "packageName": "freetype", "packageFilename": "freetype-2.1.9-10.el4.7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390x", "packageName": "freetype-devel", "packageFilename": "freetype-devel-2.1.9-10.el4.7.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "s390x", "packageName": "freetype-utils", "packageFilename": "freetype-utils-2.1.9-10.el4.7.s390x.rpm", "operator": "lt"}], "description": "FreeType is a free, high-quality, portable font engine that can open and\nmanage font files. It also loads, hints, and renders individual glyphs\nefficiently. These packages provide both the FreeType 1 and FreeType 2\nfont engines.\n\nTavis Ormandy of the Google Security Team discovered several integer\noverflow flaws in the FreeType 2 font engine. If a user loaded a\ncarefully-crafted font file with an application linked against FreeType 2,\nit could cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2009-0946)\n\nChris Evans discovered multiple integer overflow flaws in the FreeType font\nengine. If a user loaded a carefully-crafted font file with an application\nlinked against FreeType, it could cause the application to crash or,\npossibly, execute arbitrary code with the privileges of the user running\nthe application. (CVE-2006-1861)\n\nAn integer overflow flaw was found in the way the FreeType font engine\nprocessed TrueType\u00ae Font (TTF) files. If a user loaded a carefully-crafted\nfont file with an application linked against FreeType, it could cause the\napplication to crash or, possibly, execute arbitrary code with the\nprivileges of the user running the application. (CVE-2007-2754)\n\nA flaw was discovered in the FreeType TTF font-file format parser when the\nTrueType virtual machine Byte Code Interpreter (BCI) is enabled. If a user\nloaded a carefully-crafted font file with an application linked against\nFreeType, it could cause the application to crash or, possibly, execute\narbitrary code with the privileges of the user running the application.\n(CVE-2008-1808)\n\nThe CVE-2008-1808 flaw did not affect the freetype packages as distributed\nin Red Hat Enterprise Linux 3 and 4, as they are not compiled with TrueType\nBCI support. A fix for this flaw has been included in this update as users\nmay choose to recompile the freetype packages in order to enable TrueType\nBCI support. Red Hat does not, however, provide support for modified and\nrecompiled packages.\n\nNote: For the FreeType 2 font engine, the CVE-2006-1861, CVE-2007-2754,\nand CVE-2008-1808 flaws were addressed via RHSA-2006:0500, RHSA-2007:0403,\nand RHSA-2008:0556 respectively. This update provides corresponding\nupdates for the FreeType 1 font engine, included in the freetype packages\ndistributed in Red Hat Enterprise Linux 3 and 4.\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to correct these issues. The X server must be restarted\n(log out, then log back in) for this update to take effect.", "reporter": "RedHat", "published": "2009-05-22T04:00:00", "type": "redhat", "title": "(RHSA-2009:0329) Important: freetype security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2006-1861", "CVE-2007-2754", "CVE-2008-1808", "CVE-2009-0946"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-05-26T04:26:18", "id": "RHSA-2009:0329", "href": "https://access.redhat.com/errata/RHSA-2009:0329", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T21:19:25", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "BUGTRAQ ID: 34550\r\nCVE(CAN) ID: CVE-2009-0946\r\n\r\nFreeType\u662f\u4e00\u4e2a\u6d41\u884c\u7684\u5b57\u4f53\u51fd\u6570\u5e93\u3002\r\n\r\nFreeType\u5e93\u7684cff/cffload.c\u6587\u4ef6\u4e2d\u7684cff_charset_compute_cids()\u51fd\u6570\u3001smooth /ftsmooth.c\u6587\u4ef6\u4e2d\u7684ft_smooth_render_generic()\u51fd\u6570\u53casfnt/ttcmap.c\u6587\u4ef6\u4e2d\u7684\u591a\u4e2a\u9a8c\u8bc1\u51fd\u6570\u5b58\u5728\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\u3002\u5982\u679c\u7528\u6237\u53d7\u9a97\u6253\u5f00\u4e86\u7578\u5f62\u7684\u5b57\u4f53\u6587\u4ef6\u7684\u8bdd\uff0c\u5c31\u53ef\u80fd\u89e6\u53d1\u8fd9\u4e9b\u6ea2\u51fa\uff0c\u5bfc\u81f4\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n\nFreeType 2.3.9\n FreeType\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b target=_blank rel=external nofollow>http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b</a>\r\n<a href=http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e target=_blank rel=external nofollow>http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e</a>\r\n<a href=http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0a05ba257b6ddd87dacf8d54b626e4b360e0a596 target=_blank rel=external nofollow>http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0a05ba257b6ddd87dacf8d54b626e4b360e0a596</a>\r\n<a href=http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5 target=_blank rel=external nofollow>http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5</a>", "reporter": "Root", "published": "2009-04-28T00:00:00", "title": "FreeType\u591a\u4e2a\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2009-0946"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2009-04-28T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-5124", "id": "SSV:5124", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "", "status": "details"}], "debian": [{"lastseen": "2016-09-02T18:29:59", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-dev_2.2.1-5+etch4_ia64.deb", "packageName": "libfreetype6-dev", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6_2.3.7-2+lenny1_armel.deb", "packageName": "libfreetype6", "arch": "armel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "freetype2-demos_2.3.7-2+lenny1_arm.deb", "packageName": "freetype2-demos", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "freetype2-demos_2.3.7-2+lenny1_mips.deb", "packageName": "freetype2-demos", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6_2.2.1-5+etch4_i386.deb", "packageName": "libfreetype6", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "freetype2-demos_2.3.7-2+lenny1_s390.deb", "packageName": "freetype2-demos", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6_2.2.1-5+etch4_amd64.deb", "packageName": "libfreetype6", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-dev_2.2.1-5+etch4_arm.deb", "packageName": "libfreetype6-dev", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6_2.2.1-5+etch4_alpha.deb", "packageName": "libfreetype6", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6_2.2.1-5+etch4_mipsel.deb", "packageName": "libfreetype6", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6_2.3.7-2+lenny1_mips.deb", "packageName": "libfreetype6", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "freetype_2.3.7-2+lenny1.dsc", "packageName": "freetype", "arch": "src", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6_2.2.1-5+etch4_mips.deb", "packageName": "libfreetype6", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-dev_2.3.7-2+lenny1_alpha.deb", "packageName": "libfreetype6-dev", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-dev_2.3.7-2+lenny1_mips.deb", "packageName": "libfreetype6-dev", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6_2.3.7-2+lenny1_ia64.deb", "packageName": "libfreetype6", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "freetype2-demos_2.3.7-2+lenny1_ia64.deb", "packageName": "freetype2-demos", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-dev_2.3.7-2+lenny1_powerpc.deb", "packageName": "libfreetype6-dev", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-udeb_2.2.1-5+etch4_mipsel.udeb", "packageName": "libfreetype6-udeb", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6_2.3.7-2+lenny1_alpha.deb", "packageName": "libfreetype6", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-udeb_2.2.1-5+etch4_hppa.udeb", "packageName": "libfreetype6-udeb", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "freetype2-demos_2.3.7-2+lenny1_sparc.deb", "packageName": "freetype2-demos", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-dev_2.2.1-5+etch4_mips.deb", "packageName": "libfreetype6-dev", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-udeb_2.3.7-2+lenny1_hppa.udeb", "packageName": "libfreetype6-udeb", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-udeb_2.2.1-5+etch4_s390.udeb", "packageName": "libfreetype6-udeb", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-udeb_2.2.1-5+etch4_powerpc.udeb", "packageName": "libfreetype6-udeb", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-udeb_2.2.1-5+etch4_amd64.udeb", "packageName": "libfreetype6-udeb", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "freetype2-demos_2.2.1-5+etch4_mipsel.deb", "packageName": "freetype2-demos", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "freetype2-demos_2.2.1-5+etch4_hppa.deb", "packageName": "freetype2-demos", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-udeb_2.3.7-2+lenny1_powerpc.udeb", "packageName": "libfreetype6-udeb", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-dev_2.3.7-2+lenny1_hppa.deb", "packageName": "libfreetype6-dev", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-udeb_2.2.1-5+etch4_alpha.udeb", "packageName": "libfreetype6-udeb", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4.diff", "packageFilename": "freetype_2.2.1-5+etch4.diff.gz", "packageName": "freetype", "arch": "src", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "freetype2-demos_2.3.7-2+lenny1_powerpc.deb", "packageName": "freetype2-demos", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-dev_2.3.7-2+lenny1_armel.deb", "packageName": "libfreetype6-dev", "arch": "armel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-udeb_2.2.1-5+etch4_ia64.udeb", "packageName": "libfreetype6-udeb", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-udeb_2.3.7-2+lenny1_alpha.udeb", "packageName": "libfreetype6-udeb", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-dev_2.2.1-5+etch4_i386.deb", "packageName": "libfreetype6-dev", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "freetype2-demos_2.3.7-2+lenny1_i386.deb", "packageName": "freetype2-demos", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-dev_2.3.7-2+lenny1_sparc.deb", "packageName": "libfreetype6-dev", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-udeb_2.3.7-2+lenny1_arm.udeb", "packageName": "libfreetype6-udeb", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "freetype2-demos_2.3.7-2+lenny1_amd64.deb", "packageName": "freetype2-demos", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "freetype2-demos_2.2.1-5+etch4_i386.deb", "packageName": "freetype2-demos", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-dev_2.2.1-5+etch4_amd64.deb", "packageName": "libfreetype6-dev", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1.orig", "packageFilename": "freetype_2.2.1.orig.tar.gz", "packageName": "freetype", "arch": "src", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-udeb_2.2.1-5+etch4_arm.udeb", "packageName": "libfreetype6-udeb", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "freetype_2.2.1-5+etch4.dsc", "packageName": "freetype", "arch": "src", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6_2.3.7-2+lenny1_arm.deb", "packageName": "libfreetype6", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-dev_2.2.1-5+etch4_mipsel.deb", "packageName": "libfreetype6-dev", "arch": "mipsel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6_2.3.7-2+lenny1_amd64.deb", "packageName": "libfreetype6", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6_2.3.7-2+lenny1_s390.deb", "packageName": "libfreetype6", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "freetype2-demos_2.2.1-5+etch4_s390.deb", "packageName": "freetype2-demos", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6_2.2.1-5+etch4_ia64.deb", "packageName": "libfreetype6", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-udeb_2.3.7-2+lenny1_armel.udeb", "packageName": "libfreetype6-udeb", "arch": "armel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6_2.3.7-2+lenny1_hppa.deb", "packageName": "libfreetype6", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-udeb_2.3.7-2+lenny1_ia64.udeb", "packageName": "libfreetype6-udeb", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "freetype2-demos_2.2.1-5+etch4_amd64.deb", "packageName": "freetype2-demos", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-udeb_2.3.7-2+lenny1_i386.udeb", "packageName": "libfreetype6-udeb", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-dev_2.3.7-2+lenny1_amd64.deb", "packageName": "libfreetype6-dev", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "freetype2-demos_2.3.7-2+lenny1_alpha.deb", "packageName": "freetype2-demos", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-dev_2.3.7-2+lenny1_i386.deb", "packageName": "libfreetype6-dev", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6_2.2.1-5+etch4_powerpc.deb", "packageName": "libfreetype6", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-dev_2.3.7-2+lenny1_ia64.deb", "packageName": "libfreetype6-dev", "arch": "ia64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-dev_2.2.1-5+etch4_alpha.deb", "packageName": "libfreetype6-dev", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "freetype2-demos_2.3.7-2+lenny1_hppa.deb", "packageName": "freetype2-demos", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6_2.2.1-5+etch4_hppa.deb", "packageName": "libfreetype6", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "freetype2-demos_2.2.1-5+etch4_alpha.deb", "packageName": "freetype2-demos", "arch": "alpha", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-udeb_2.2.1-5+etch4_sparc.udeb", "packageName": "libfreetype6-udeb", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-dev_2.2.1-5+etch4_sparc.deb", "packageName": "libfreetype6-dev", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "freetype2-demos_2.2.1-5+etch4_mips.deb", "packageName": "freetype2-demos", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7.orig", "packageFilename": "freetype_2.3.7.orig.tar.gz", "packageName": "freetype", "arch": "src", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-udeb_2.2.1-5+etch4_mips.udeb", "packageName": "libfreetype6-udeb", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-dev_2.3.7-2+lenny1_arm.deb", "packageName": "libfreetype6-dev", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1.diff", "packageFilename": "freetype_2.3.7-2+lenny1.diff.gz", "packageName": "freetype", "arch": "src", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-dev_2.2.1-5+etch4_powerpc.deb", "packageName": "libfreetype6-dev", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "freetype2-demos_2.2.1-5+etch4_arm.deb", "packageName": "freetype2-demos", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-udeb_2.3.7-2+lenny1_mips.udeb", "packageName": "libfreetype6-udeb", "arch": "mips", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-udeb_2.3.7-2+lenny1_s390.udeb", "packageName": "libfreetype6-udeb", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6_2.3.7-2+lenny1_sparc.deb", "packageName": "libfreetype6", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6_2.2.1-5+etch4_s390.deb", "packageName": "libfreetype6", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-udeb_2.3.7-2+lenny1_sparc.udeb", "packageName": "libfreetype6-udeb", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "freetype2-demos_2.2.1-5+etch4_powerpc.deb", "packageName": "freetype2-demos", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-dev_2.3.7-2+lenny1_s390.deb", "packageName": "libfreetype6-dev", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-udeb_2.2.1-5+etch4_i386.udeb", "packageName": "libfreetype6-udeb", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6_2.2.1-5+etch4_sparc.deb", "packageName": "libfreetype6", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-dev_2.2.1-5+etch4_hppa.deb", "packageName": "libfreetype6-dev", "arch": "hppa", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6_2.2.1-5+etch4_arm.deb", "packageName": "libfreetype6", "arch": "arm", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "libfreetype6-dev_2.2.1-5+etch4_s390.deb", "packageName": "libfreetype6-dev", "arch": "s390x", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6_2.3.7-2+lenny1_powerpc.deb", "packageName": "libfreetype6", "arch": "ppc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6-udeb_2.3.7-2+lenny1_amd64.udeb", "packageName": "libfreetype6-udeb", "arch": "x86-64", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "libfreetype6_2.3.7-2+lenny1_i386.deb", "packageName": "libfreetype6", "arch": "i686", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "2.3.7-2+lenny1", "packageFilename": "freetype2-demos_2.3.7-2+lenny1_armel.deb", "packageName": "freetype2-demos", "arch": "armel", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "freetype2-demos_2.2.1-5+etch4_sparc.deb", "packageName": "freetype2-demos", "arch": "sparc", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "4", "packageVersion": "2.2.1-5+etch4", "packageFilename": "freetype2-demos_2.2.1-5+etch4_ia64.deb", "packageName": "freetype2-demos", "arch": "ia64", "operator": "lt"}], "description": "Tavis Ormandy discovered several integer overflows in FreeType, a library to process and access font files, resulting in heap- or stack-based buffer overflows leading to application crashes or the execution of arbitrary code via a crafted font file.\n\nFor the oldstable distribution (etch), this problem has been fixed in version 2.2.1-5+etch4.\n\nFor the stable distribution (lenny), this problem has been fixed in version 2.3.7-2+lenny1.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in version 2.3.9-4.1.\n\nWe recommend that you upgrade your freetype packages.", "edition": 1, "reporter": "Debian", "published": "2009-04-30T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "title": "freetype -- integer overflows", "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0946"], "modified": "2009-04-30T00:00:00", "id": "DSA-1784", "href": "http://www.debian.org/security/dsa-1784", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:57", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0946", "https://bugs.gentoo.org/show_bug.cgi?id=263032"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "2.3.9-r1", "packageName": "media-libs/freetype", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nFreeType is a high-quality and portable font engine. \n\n### Description\n\nTavis Ormandy reported multiple integer overflows in the cff_charset_compute_cids() function in cff/cffload.c, sfnt/tccmap.c and the ft_smooth_render_generic() function in smooth/ftsmooth.c, possibly leading to heap or stack-based buffer overflows. \n\n### Impact\n\nA remote attacker could entice a user or automated system to open a specially crafted font file, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll FreeType users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-libs/freetype-2.3.9-r1\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2009-05-24T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "gentoo", "title": "FreeType: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0946"], "modified": "2009-05-25T00:00:00", "id": "GLSA-200905-05", "href": "https://security.gentoo.org/glsa/200905-05", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-06T19:46:16", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2741", "https://bugs.gentoo.org/show_bug.cgi?id=302478", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2624", "https://bugs.gentoo.org/show_bug.cgi?id=315235", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4896", "https://bugs.gentoo.org/show_bug.cgi?id=298067", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0001", "https://bugs.gentoo.org/show_bug.cgi?id=326953", "https://bugs.gentoo.org/show_bug.cgi?id=159556", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4029", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2529", "https://bugs.gentoo.org/show_bug.cgi?id=208464", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6661", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0553", "https://bugs.gentoo.org/show_bug.cgi?id=333661", "https://bugs.gentoo.org/show_bug.cgi?id=320961", "https://bugs.gentoo.org/show_bug.cgi?id=300375", "https://bugs.gentoo.org/show_bug.cgi?id=322457", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2809", "https://bugs.gentoo.org/show_bug.cgi?id=326759", "https://bugs.gentoo.org/show_bug.cgi?id=316697", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0946", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0829", "https://bugs.gentoo.org/show_bug.cgi?id=329939", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2060", "https://bugs.gentoo.org/show_bug.cgi?id=319719", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4411", "https://bugs.gentoo.org/show_bug.cgi?id=331421", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5907", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1511", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-3005", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0732", "https://bugs.gentoo.org/show_bug.cgi?id=307525", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0361", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2042", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6218", "https://bugs.gentoo.org/show_bug.cgi?id=307633", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2945", "https://bugs.gentoo.org/show_bug.cgi?id=253822", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0040", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0436", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2192", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1205", "https://bugs.gentoo.org/show_bug.cgi?id=329125", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2251", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2056", "https://bugs.gentoo.org/show_bug.cgi?id=332527", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0360", "https://bugs.gentoo.org/show_bug.cgi?id=325507", "https://bugs.gentoo.org/show_bug.cgi?id=259968", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1000", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1382", "https://bugs.gentoo.org/show_bug.cgi?id=300943", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3736"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "0.2", "packageFilename": "UNKNOWN", "packageName": "dev-libs/liblzw", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.4.6", "packageFilename": "UNKNOWN", "packageName": "app-misc/beanstalkd", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "2010.08.05", "packageFilename": "UNKNOWN", "packageName": "www-client/uzbl", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.1-r1", "packageFilename": "UNKNOWN", "packageName": "media-tv/dvbstreamer", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.13", "packageFilename": "UNKNOWN", "packageName": "app-text/dvipng", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "5.1.4", "packageFilename": "UNKNOWN", "packageName": "dev-util/sourcenav", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "804.028-r2", "packageFilename": "UNKNOWN", "packageName": "dev-perl/perl-tk", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "6.7.1-r1", "packageFilename": "UNKNOWN", "packageName": "dev-util/insight", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "0.6.8", "packageFilename": "UNKNOWN", "packageName": "sys-block/partimage", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "4.0.6", "packageFilename": "UNKNOWN", "packageName": "net-ftp/lftp", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.4", "packageFilename": "UNKNOWN", "packageName": "app-arch/gzip", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "0.9.23", "packageFilename": "UNKNOWN", "packageName": "sys-apps/pmount", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.3.2", "packageFilename": "UNKNOWN", "packageName": "x11-misc/slim", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.2.17.1", "packageFilename": "UNKNOWN", "packageName": "net-mail/mlmmj", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "4.3.5-r1", "packageFilename": "UNKNOWN", "packageName": "kde-base/kget", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "3.7.1", "packageFilename": "UNKNOWN", "packageName": "app-text/gv", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.2.0-r4", "packageFilename": "UNKNOWN", "packageName": "x11-apps/xinit", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "4.3", "packageFilename": "UNKNOWN", "packageName": "sys-auth/pam_krb5", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "4.3.5-r1", "packageFilename": "UNKNOWN", "packageName": "kde-base/kdm", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "2.2.49", "packageFilename": "UNKNOWN", "packageName": "sys-apps/acl", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.5.4.3-r3", "packageFilename": "UNKNOWN", "packageName": "media-gfx/splashutils", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "8.4.18-r1", "packageFilename": "UNKNOWN", "packageName": "dev-lang/tk", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "7.1", "packageFilename": "UNKNOWN", "packageName": "app-antivirus/bitdefender-console", "arch": "all", "operator": "le"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "4.2.4.3", "packageFilename": "UNKNOWN", "packageName": "app-arch/ncompress", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.4.14-r1", "packageFilename": "UNKNOWN", "packageName": "sys-devel/m4", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "2.18.7", "packageFilename": "UNKNOWN", "packageName": "x11-libs/gtk+", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "20100418", "packageFilename": "UNKNOWN", "packageName": "net-misc/iputils", "arch": "all", "operator": "lt"}], "description": "### Background\n\nFor more information on the packages listed in this GLSA, please see their homepage referenced in the ebuild. \n\n### Description\n\nVulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. \n\n * Insight\n * Perl Tk Module\n * Source-Navigator\n * Tk\n * Partimage\n * Mlmmj\n * acl\n * Xinit\n * gzip\n * ncompress\n * liblzw\n * splashutils\n * GNU M4\n * KDE Display Manager\n * GTK+\n * KGet\n * dvipng\n * Beanstalk\n * Policy Mount\n * pam_krb5\n * GNU gv\n * LFTP\n * Uzbl\n * Slim\n * Bitdefender Console\n * iputils\n * DVBStreamer\n\n### Impact\n\nA context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions. \n\n### Workaround\n\nThere are no known workarounds at this time.\n\n### Resolution\n\nAll Insight users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-util/insight-6.7.1-r1\"\n \n\nAll Perl Tk Module users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-perl/perl-tk-804.028-r2\"\n \n\nAll Source-Navigator users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-util/sourcenav-5.1.4\"\n \n\nAll Tk users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/tk-8.4.18-r1\"\n \n\nAll Partimage users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-block/partimage-0.6.8\"\n \n\nAll Mlmmj users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-mail/mlmmj-1.2.17.1\"\n \n\nAll acl users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-apps/acl-2.2.49\"\n \n\nAll Xinit users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-apps/xinit-1.2.0-r4\"\n \n\nAll gzip users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-arch/gzip-1.4\"\n \n\nAll ncompress users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-arch/ncompress-4.2.4.3\"\n \n\nAll liblzw users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/liblzw-0.2\"\n \n\nAll splashutils users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=media-gfx/splashutils-1.5.4.3-r3\"\n \n\nAll GNU M4 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-devel/m4-1.4.14-r1\"\n \n\nAll KDE Display Manager users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=kde-base/kdm-4.3.5-r1\"\n \n\nAll GTK+ users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-libs/gtk+-2.18.7\"\n \n\nAll KGet 4.3 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=kde-base/kget-4.3.5-r1\"\n \n\nAll dvipng users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/dvipng-1.13\"\n \n\nAll Beanstalk users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-misc/beanstalkd-1.4.6\"\n \n\nAll Policy Mount users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-apps/pmount-0.9.23\"\n \n\nAll pam_krb5 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-auth/pam_krb5-4.3\"\n \n\nAll GNU gv users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/gv-3.7.1\"\n \n\nAll LFTP users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-ftp/lftp-4.0.6\"\n \n\nAll Uzbl users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/uzbl-2010.08.05\"\n \n\nAll Slim users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=x11-misc/slim-1.3.2\"\n \n\nAll iputils users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/iputils-20100418\"\n \n\nAll DVBStreamer users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-tv/dvbstreamer-1.1-r1\"\n \n\nGentoo has discontinued support for Bitdefender Console. We recommend that users unmerge Bitdefender Console: \n \n \n # emerge --unmerge \"app-antivirus/bitdefender-console\"\n \n\nNOTE: This is a legacy GLSA. Updates for all affected architectures have been available since 2011. It is likely that your system is already no longer affected by these issues.", "edition": 1, "reporter": "Gentoo Foundation", "published": "2014-12-11T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "gentoo", "title": "Multiple packages, Multiple vulnerabilities fixed in 2010", "bulletinFamily": "unix", "cvelist": ["CVE-2010-2060", "CVE-2009-4411", "CVE-2008-0553", "CVE-2009-0946", "CVE-2010-1511", "CVE-2009-0361", "CVE-2008-6218", "CVE-2008-5907", "CVE-2010-0436", "CVE-2010-1205", "CVE-2007-2741", "CVE-2010-0829", "CVE-2009-4896", "CVE-2010-2945", "CVE-2010-2809", "CVE-2009-0040", "CVE-2010-2192", "CVE-2010-2056", "CVE-2009-2042", "CVE-2010-0001", "CVE-2008-6661", "CVE-2010-2529", "CVE-2009-4029", "CVE-2006-3005", "CVE-2010-2251", "CVE-2009-0360", "CVE-2010-0732", "CVE-2008-1382", "CVE-2009-3736", "CVE-2010-1000", "CVE-2009-2624"], "modified": "2014-12-11T00:00:00", "id": "GLSA-201412-08", "href": "https://security.gentoo.org/glsa/201412-08", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-03-29T18:19:44", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0946"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "2.3.9-4ubuntu0.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libfreetype6", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "2.1.10-1ubuntu2.6", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libfreetype6", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "2.3.5-1ubuntu4.8.04.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libfreetype6", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "2.3.7-2ubuntu1.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libfreetype6", "operator": "lt"}], "description": "Tavis Ormandy discovered that FreeType did not correctly handle certain large values in font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges.", "edition": 1, "reporter": "Ubuntu", "published": "2009-04-27T00:00:00", "type": "ubuntu", "title": "FreeType vulnerability", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0946"], "modified": "2009-04-27T00:00:00", "href": "https://usn.ubuntu.com/767-1/", "id": "USN-767-1", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2016-09-04T11:15:55", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "i386", "packageFilename": "freetype-demos-2.2.1-21.el5_3.i386.rpm", "packageName": "freetype-demos", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "src", "packageFilename": "freetype-2.2.1-21.el5_3.src.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "src", "packageFilename": "freetype-2.2.1-21.el5_3.src.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "src", "packageFilename": "freetype-2.2.1-21.el5_3.src.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "ia64", "packageFilename": "freetype-demos-2.2.1-21.el5_3.ia64.rpm", "packageName": "freetype-demos", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "x86_64", "packageFilename": "freetype-demos-2.2.1-21.el5_3.x86_64.rpm", "packageName": "freetype-demos", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "i386", "packageFilename": "freetype-2.2.1-21.el5_3.i386.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "i386", "packageFilename": "freetype-2.2.1-21.el5_3.i386.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "i386", "packageFilename": "freetype-2.2.1-21.el5_3.i386.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "i386", "packageFilename": "freetype-devel-2.2.1-21.el5_3.i386.rpm", "packageName": "freetype-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "i386", "packageFilename": "freetype-devel-2.2.1-21.el5_3.i386.rpm", "packageName": "freetype-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "x86_64", "packageFilename": "freetype-2.2.1-21.el5_3.x86_64.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "ia64", "packageFilename": "freetype-devel-2.2.1-21.el5_3.ia64.rpm", "packageName": "freetype-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "x86_64", "packageFilename": "freetype-devel-2.2.1-21.el5_3.x86_64.rpm", "packageName": "freetype-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.2.1-21.el5_3", "arch": "ia64", "packageFilename": "freetype-2.2.1-21.el5_3.ia64.rpm", "packageName": "freetype", "operator": "lt"}], "description": "[2.2.1-21]\n- Add freetype-2009-CVEs.patch\n- Resolves: #496111 ", "edition": 1, "reporter": "Oracle", "published": "2009-05-22T00:00:00", "title": "freetype security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "oraclelinux", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0946"], "modified": "2009-05-22T00:00:00", "id": "ELSA-2009-1061", "href": "http://linux.oracle.com/errata/ELSA-2009-1061.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:16:48", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "x86_64", "packageFilename": "freetype-utils-2.1.9-10.el4.7.x86_64.rpm", "packageName": "freetype-utils", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "i386", "packageFilename": "freetype-2.1.9-10.el4.7.i386.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "i386", "packageFilename": "freetype-2.1.9-10.el4.7.i386.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "i386", "packageFilename": "freetype-2.1.9-10.el4.7.i386.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "i386", "packageFilename": "freetype-2.1.4-12.el3.i386.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "i386", "packageFilename": "freetype-2.1.4-12.el3.i386.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "i386", "packageFilename": "freetype-utils-2.1.9-10.el4.7.i386.rpm", "packageName": "freetype-utils", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "x86_64", "packageFilename": "freetype-2.1.9-10.el4.7.x86_64.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "src", "packageFilename": "freetype-2.1.9-10.el4.7.src.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "src", "packageFilename": "freetype-2.1.9-10.el4.7.src.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "src", "packageFilename": "freetype-2.1.9-10.el4.7.src.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "x86_64", "packageFilename": "freetype-devel-2.1.9-10.el4.7.x86_64.rpm", "packageName": "freetype-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "x86_64", "packageFilename": "freetype-2.1.4-12.el3.x86_64.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ia64", "packageFilename": "freetype-demos-2.1.9-10.el4.7.ia64.rpm", "packageName": "freetype-demos", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ia64", "packageFilename": "freetype-devel-2.1.9-10.el4.7.ia64.rpm", "packageName": "freetype-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "x86_64", "packageFilename": "freetype-demos-2.1.9-10.el4.7.x86_64.rpm", "packageName": "freetype-demos", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "src", "packageFilename": "freetype-2.1.4-12.el3.src.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "src", "packageFilename": "freetype-2.1.4-12.el3.src.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "i386", "packageFilename": "freetype-devel-2.1.9-10.el4.7.i386.rpm", "packageName": "freetype-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "i386", "packageFilename": "freetype-devel-2.1.4-12.el3.i386.rpm", "packageName": "freetype-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "i386", "packageFilename": "freetype-demos-2.1.9-10.el4.7.i386.rpm", "packageName": "freetype-demos", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ia64", "packageFilename": "freetype-2.1.9-10.el4.7.ia64.rpm", "packageName": "freetype", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "3", "packageVersion": "2.1.4-12.el3", "arch": "x86_64", "packageFilename": "freetype-devel-2.1.4-12.el3.x86_64.rpm", "packageName": "freetype-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.1.9-10.el4.7", "arch": "ia64", "packageFilename": "freetype-utils-2.1.9-10.el4.7.ia64.rpm", "packageName": "freetype-utils", "operator": "lt"}], "description": "[2.1.9-10.el4.7]\n- Improve freetype-1.4pre-CVE-2008-1808.patch\n[2.1.9-9.el4.7]\n- Add freetype-2009-CVEs.patch (Fixes CVE-2009-0946)\n (Doesn't apply to freetype1)\n- Add freetype-1.4pre-CVE-2008-1808.patch\n (Corresponds to freetype-2.3.5-CVEs.patch)\n- Add freetype-pre1.4-ttf-overflow.patch\n (Corresponds to freetype-2.1.9-ttf-overflow.patch;\n freetype-2.2.1-bdf-overflow.patch doesn't apply to freetype1)\n- Add freetype-pre1.4-CVE-2006-1861-null-pointer.patch\n (Corresponds to freetype-2.1.9-CVE-2006-1861-null-pointer.patch;\n The rest of CVS-2006-1861 doesn't apply to freetype1)\n- Resolves: #484443\n[2.1.9-8.1.el4]\n- Update patches to remove fuzz, such that it builds again\n- In preparation to fix:\n- Resolves: #484443", "edition": 1, "reporter": "Oracle", "published": "2009-05-26T00:00:00", "title": "freetype security update", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "oraclelinux", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0946", "CVE-2008-1808", "CVE-2007-2754", "CVE-2006-1861"], "modified": "2009-05-26T00:00:00", "id": "ELSA-2009-0329", "href": "http://linux.oracle.com/errata/ELSA-2009-0329.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}}
