Oracle Linux ELSA-2015-0696
Mar 17, 2015 - 12:00 a.m.

freetype security update

2015-03-17 00:00:00
linux.oracle.com
9

EPSS: 0.036 (Low), percentile 90.6%

[2.3.11-15.el6_6.1]

  • Fixes CVE-2014-9657
    • Check minimum size of record_size.
  • Fixes CVE-2014-9658
    • Use correct value for minimum table length test.
  • Fixes CVE-2014-9675
    • New macro that checks one character more than strncmp.
  • Fixes CVE-2014-9660
    • Check _BDF_GLYPH_BITS.
  • Fixes CVE-2014-9661
    • Initialize face->ttf_size.
    • Always set face->ttf_size directly.
    • Exclusively use the truetype font driver for loading
      the font contained in the sfnts array.
  • Fixes CVE-2014-9663
    • Fix order of validity tests.
  • Fixes CVE-2014-9664
    • Add another boundary testing.
    • Fix boundary testing.
  • Fixes CVE-2014-9667
    • Protect against addition overflow.
  • Fixes CVE-2014-9669
    • Protect against overflow in additions and multiplications.
  • Fixes CVE-2014-9670
    • Add sanity checks for row and column values.
  • Fixes CVE-2014-9671
    • Check size and offset values.
  • Fixes CVE-2014-9673
    • Fix integer overflow by a broken POST table in resource-fork.
  • Fixes CVE-2014-9674
    • Fix integer overflow by a broken POST table in resource-fork.
    • Additional overflow check in the summation of POST fragment lengths.
  • Work around behaviour of X11's pcfWriteFont and pcfReadFont functions
  • Resolves: #1197737

[2.3.11-15]

  • Fix CVE-2012-5669
    (Use correct array size for checking glyph_enc)
  • Resolves: #903543