=========================================================== Ubuntu Security Notice USN-324-1 July 27, 2006 freetype vulnerability CVE-2006-3467 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: libfreetype6 2.1.7-2.3ubuntu0.2 Ubuntu 5.10: libfreetype6 2.1.7-2.4ubuntu1.2 Ubuntu 6.06 LTS: libfreetype6 2.1.10-1ubuntu2.2 After a standard system upgrade you need to restart your session to effect the necessary changes. Details follow: An integer overflow has been discovered in the FreeType library. By tricking a user into installing and/or opening a specially crafted font file, these could be exploited to execute arbitrary code with the privileges of that user. Updated packages for Ubuntu 5.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.3ubuntu0.2.diff.gz Size/MD5: 55469 22d16c4f3ab2c4eab015dcc8f336ce99 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.3ubuntu0.2.dsc Size/MD5: 695 ec0bfc2c291757e9d30db54201946ba6 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7.orig.tar.gz Size/MD5: 1245623 991ff86e88b075ba363e876f4ea58680 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.3ubuntu0.2_amd64.deb Size/MD5: 76246 1718a6f444257aeb573f019228311dd8 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.3ubuntu0.2_amd64.deb Size/MD5: 723688 8651fcec88e545b6bd41ead719c3524b http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.3ubuntu0.2_amd64.udeb Size/MD5: 238240 d75ec89b93e23495695d83cf04e106e7 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.3ubuntu0.2_amd64.deb Size/MD5: 389520 47f2467f64491f023fde169b2e1daac0 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.3ubuntu0.2_i386.deb Size/MD5: 57074 b8dfc28165ef707d7ccff6f1ddcd78b7 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.3ubuntu0.2_i386.deb Size/MD5: 688166 272205d732d611ccc9059d746a0fec82 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.3ubuntu0.2_i386.udeb Size/MD5: 208104 b5ff69244ebd5fafc405093f4c66257b http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.3ubuntu0.2_i386.deb Size/MD5: 358920 df695f8579c9cfced57946f1694a5971 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.3ubuntu0.2_powerpc.deb Size/MD5: 81976 d32762739aa42a17e83e7782ea7593ab http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.3ubuntu0.2_powerpc.deb Size/MD5: 729990 7ac5ac91e87b2f7397dad7badfd8fe82 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.3ubuntu0.2_powerpc.udeb Size/MD5: 227726 80e32a6fe3342931d40fa66fde70d1c5 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.3ubuntu0.2_powerpc.deb Size/MD5: 378686 5ec5252b14c13f9aafe0942c7200c3d7 Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.2.diff.gz Size/MD5: 56886 bfb6ddcd3ee0b1b2165d69242e8cf795 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7-2.4ubuntu1.2.dsc Size/MD5: 695 ac8e7fbf7319163e1c1b80ddd39cd2b8 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.7.orig.tar.gz Size/MD5: 1245623 991ff86e88b075ba363e876f4ea58680 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.2_amd64.deb Size/MD5: 75538 f67d2e22c7b2273cd11354ec371f8874 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.2_amd64.deb Size/MD5: 722922 a127c57c8962185c2a4dc5143d8c76fc http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.2_amd64.udeb Size/MD5: 241766 e3d145f8588068d7cd8a2442ffe7f503 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.2_amd64.deb Size/MD5: 392870 ce6b8f293838423189e2192f763f22cd i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.2_i386.deb Size/MD5: 52860 a58cfbbd0bd00a370358cfe38301d724 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.2_i386.deb Size/MD5: 686330 3e87473db7907faa5478757bf7b146d4 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.2_i386.udeb Size/MD5: 209226 1ad43cf462ee9638824f9f6220fbdb3f http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.2_i386.deb Size/MD5: 361008 7cef230cb176dbb5333515efc8b4de01 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.2_powerpc.deb Size/MD5: 80654 50fa4d6c2d6b86d0bc59c5d60f2bfb81 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.2_powerpc.deb Size/MD5: 729244 d93709e092a755113b1ca7003ac8a150 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.2_powerpc.udeb Size/MD5: 230622 7628ce28e88c99a1d9ad65884d743e4a http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.2_powerpc.deb Size/MD5: 382386 ca1b6b1b2fe55bbc8db3f30e378b0815 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.7-2.4ubuntu1.2_sparc.deb Size/MD5: 68644 0a915a243336cce0e8bc2e2c1b8b75d2 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.7-2.4ubuntu1.2_sparc.deb Size/MD5: 699930 8ca38cbea67853872f9a2dc5e88155e4 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.7-2.4ubuntu1.2_sparc.udeb Size/MD5: 216440 696a36b38764b5a5705dbe3031b26912 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.7-2.4ubuntu1.2_sparc.deb Size/MD5: 367194 32d9b3ec3cb1195df32fbac748b26781 Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.2.diff.gz Size/MD5: 58955 86284166a61c0365d4ca694b56f8a6f9 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.2.dsc Size/MD5: 712 263a6ca4799908f31d10d36328f7a638 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10.orig.tar.gz Size/MD5: 1323617 adf145ce51196ad1b3054d5fb032efe6 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.2_amd64.deb Size/MD5: 133858 5f39edee770917a61469583275646023 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.2_amd64.deb Size/MD5: 717436 82a1775b7b011358d28dd1c5a32d2351 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.2_amd64.udeb Size/MD5: 251628 3b663b79c67f75bf884f762227fa829f http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.2_amd64.deb Size/MD5: 439684 10d778bea1438aeee117099b58f1f4cc i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.2_i386.deb Size/MD5: 117360 953068d4342325955839f8726caa3e6b http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.2_i386.deb Size/MD5: 677424 240dbf5db935844608cd79bc72ab7552 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.2_i386.udeb Size/MD5: 227210 3f6f98f2b23e6d9b521d944484c6b952 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.2_i386.deb Size/MD5: 415294 6b64562d15b698514ad756e8fa2cbe5a powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.2_powerpc.deb Size/MD5: 134254 430853b27da9b5e9cee471d26894c056 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.2_powerpc.deb Size/MD5: 708424 67ab9f899b0d5be1980c72a5bc18245a http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.2_powerpc.udeb Size/MD5: 241400 074a3b9dc07de4cbb8dbb9dc48a1f573 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.2_powerpc.deb Size/MD5: 429766 68084f2259f5f0e98ac76d14809101be sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.2_sparc.deb Size/MD5: 120078 e115a0a19e9c1da6f440a8b947bf391e http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.2_sparc.deb Size/MD5: 683520 4d047cba5a3beb77063659ac486e757f http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.2_sparc.udeb Size/MD5: 222358 9d74b30ebd753b679895093a3fc734aa http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.2_sparc.deb Size/MD5: 410764 5716abdb3f42c880928e5c39c2dc12a9
Attachment:
signature.asc
Description: Digital signature