=========================================================== Ubuntu Security Notice USN-291-1 June 08, 2006 freetype vulnerabilities CVE-2006-0747, CVE-2006-1861, CVE-2006-2493, CVE-2006-2661 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: libfreetype6 2.1.7-2.3ubuntu0.1 Ubuntu 5.10: libfreetype6 2.1.7-2.4ubuntu1.1 Ubuntu 6.06 LTS: libfreetype6 2.1.10-1ubuntu2.1 After a standard system upgrade you need to reboot your computer to effect the necessary changes. Details follow: Several integer overflows have been discovered in the FreeType library. By tricking a user into installing and/or opening a specially crafted font file, these could be exploited to execute arbitrary code with the privileges of that user. Updated packages for Ubuntu 5.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.3ubuntu0.1.diff.gz Size/MD5: 55085 0be8f928fd34db525db66f8cd07f79e2 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.3ubuntu0.1.dsc Size/MD5: 695 55710d777fdc8cee093e4eb17d03b8e4 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7.orig.tar.gz Size/MD5: 1245623 991ff86e88b075ba363e876f4ea58680 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.3ubuntu0.1_amd64.deb Size/MD5: 76248 654defa84e451a720843e160d9e0ad4b http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.3ubuntu0.1_amd64.deb Size/MD5: 723698 ac752c537fcd86b0e15366f75237c8c4 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.3ubuntu0.1_amd64.udeb Size/MD5: 238246 7bcc9b311d84ac923693484563415fc0 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.3ubuntu0.1_amd64.deb Size/MD5: 389494 0c1c61803010adc6ac4303e0ed34cab4 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.3ubuntu0.1_i386.deb Size/MD5: 57070 96143b6b668cdf1301a1f0d8cb935f38 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.3ubuntu0.1_i386.deb Size/MD5: 688162 c16278b396bc6a3932e6488f6a4302d6 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.3ubuntu0.1_i386.udeb Size/MD5: 208092 ce4669a078ce4c5cd25e53e372fbc0f2 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.3ubuntu0.1_i386.deb Size/MD5: 358818 1e05d62b7c8fd3ed25ce9590289038b7 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.3ubuntu0.1_powerpc.deb Size/MD5: 81974 261cb107a20048a653b7363e5e763095 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.3ubuntu0.1_powerpc.deb Size/MD5: 730026 45f7603197520093383be1bc4ef71768 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.3ubuntu0.1_powerpc.udeb Size/MD5: 227736 82ba5fdb752f1e14a168356eb58040d4 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.3ubuntu0.1_powerpc.deb Size/MD5: 378628 560ddb84ab50151db4950def5ca94f20 Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.1.diff.gz Size/MD5: 56497 c0d09dab367b91d60391bfbe1614a751 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.1.dsc Size/MD5: 695 baa464576ecff8f71180b69c43f3d3d7 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7.orig.tar.gz Size/MD5: 1245623 991ff86e88b075ba363e876f4ea58680 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.1_amd64.deb Size/MD5: 75536 763397ace4438b17c1d553e742164392 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.1_amd64.deb Size/MD5: 722918 ab4ac77fc4c341c5b9e3e5d8b7cd03ad http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.1_amd64.udeb Size/MD5: 241670 71a3a0944b74daf49d428096258481d4 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.1_amd64.deb Size/MD5: 392814 ac0b9929a7839fe770b81d8934811f91 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.1_i386.deb Size/MD5: 52860 a37576a3dbe5adfed3a05c4fbddb19b2 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.1_i386.deb Size/MD5: 686328 4f072876bcec9df39915a566ac49e2a2 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.1_i386.udeb Size/MD5: 209218 a9d8c9cab213fbe51a8eef52a4267ea8 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.1_i386.deb Size/MD5: 361040 66daf7be5122e8369b7085911474324c powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.1_powerpc.deb Size/MD5: 80650 225e45de7b0bef7738099c6ab540d837 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.1_powerpc.deb Size/MD5: 729230 389b6d1fff87a233ac1069f2f6e8eeda http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.1_powerpc.udeb Size/MD5: 230578 78766403e83e824b01f3766536aef1b6 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.1_powerpc.deb Size/MD5: 382364 042a895f84a516016cf9bf7356c2b447 Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.1.diff.gz Size/MD5: 58558 79b6094aa1485cb4b51492a694ad2467 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.1.dsc Size/MD5: 712 6618f5ae25407290002cd630a1cb192c http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10.orig.tar.gz Size/MD5: 1323617 adf145ce51196ad1b3054d5fb032efe6 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.1_amd64.deb Size/MD5: 133860 b0e59ff50e7416e9a2c4fc8ba1788c9e http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.1_amd64.deb Size/MD5: 717390 0fcd39ae070d8a8430a8cd543ce8b704 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.1_amd64.udeb Size/MD5: 251578 1fb9bc4ea48ec0ae313ccd5c8168dcbc http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.1_amd64.deb Size/MD5: 439670 fad383210a9aa49c63860ad8a1e289e7 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.1_i386.deb Size/MD5: 117362 a685d9019bb23650e2f283dd059ed095 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.1_i386.deb Size/MD5: 677390 7e56e5fd91125b15d28f59f15bb38689 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.1_i386.udeb Size/MD5: 227202 6655ab5bcef72341109e6a9ac070a945 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.1_i386.deb Size/MD5: 415304 a3cd03083f522a103c4580cbfc335297 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.1_powerpc.deb Size/MD5: 134240 47d1ce7690132ebaf7e0f434a0f0b25a http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.1_powerpc.deb Size/MD5: 708398 f76b4949a148fe47b55fe17de22ccc64 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.1_powerpc.udeb Size/MD5: 241400 7837a5d97bba618e35fcfc085e91e9ae http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.1_powerpc.deb Size/MD5: 429784 93f21b206f517f81b6498fe791e5ef3a
Attachment:
signature.asc
Description: Digital signature