freetype: multiple vulnerabilities in freetype before 2.4.11

Related Vulnerabilities: CVE-2012-5670   CVE-2012-5669   CVE-2012-5668  

Debian Bug report logs - #696691
freetype: multiple vulnerabilities in freetype before 2.4.11


Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Tue, 25 Dec 2012 23:36:01 UTC

Severity: grave

Tags: patch, security

Found in versions freetype/2.4.9-1, freetype/2.4.2-1

Fixed in version freetype/2.4.9-1.1

Done: Salvatore Bonaccorso <carnil@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Steve Langasek <vorlon@debian.org>:
Bug#696691; Package src:freetype. (Tue, 25 Dec 2012 23:36:04 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Steve Langasek <vorlon@debian.org>. (Tue, 25 Dec 2012 23:36:04 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: freetype: multiple vulnerabilities in freetype before 2.4.11
Date: Wed, 26 Dec 2012 00:32:13 +0100
Source: freetype
Severity: grave
Tags: security
Justification: user security hole

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

the following vulnerabilities were published for freetype.

CVE-2012-5670[0]:
Out-of-bounds write in _bdf_parse_glyphs

CVE-2012-5669[1]:
Out-of-bounds read in _bdf_parse_glyphs

CVE-2012-5668[2]:
NULL Pointer Dereference in bdf_free_font

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] http://security-tracker.debian.org/tracker/CVE-2012-5670
    https://savannah.nongnu.org/bugs/?37907
[1] http://security-tracker.debian.org/tracker/CVE-2012-5669
    https://savannah.nongnu.org/bugs/?37906
[2] http://security-tracker.debian.org/tracker/CVE-2012-5668
    https://savannah.nongnu.org/bugs/?37905

Please adjust the affected versions in the BTS as needed.

Note I'm only reporting these issues reported in [3] to the BTS.

[3] http://www.openwall.com/lists/oss-security/2012/12/25/1

Regards,
Salvatore

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash




Information forwarded to debian-bugs-dist@lists.debian.org, Steve Langasek <vorlon@debian.org>:
Bug#696691; Package src:freetype. (Wed, 26 Dec 2012 00:06:06 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Steve Langasek <vorlon@debian.org>. (Wed, 26 Dec 2012 00:06:06 GMT)


Message #10 received at 696691@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: 696691@bugs.debian.org
Subject: Re: Bug#696691: freetype: multiple vulnerabilities in freetype before 2.4.11
Date: Wed, 26 Dec 2012 01:03:35 +0100
Control: tags -1 + patch

Hi Steve

Attached the debdiff containing the three git commits as quilt
patches. They apply (with small offset).

Hope that helps,

Regards,
Salvatore
[freetype_2.4.9-2.debdiff (text/plain, attachment)]
[signature.asc (application/pgp-signature, inline)]

Added tag(s) patch. Request was from Salvatore Bonaccorso <carnil@debian.org> to 696691-submit@bugs.debian.org. (Wed, 26 Dec 2012 00:06:06 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Steve Langasek <vorlon@debian.org>:
Bug#696691; Package src:freetype. (Fri, 28 Dec 2012 21:12:03 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Steve Langasek <vorlon@debian.org>. (Fri, 28 Dec 2012 21:12:03 GMT)


Message #17 received at 696691@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: 696691@bugs.debian.org
Subject: freetype: diff for NMU version 2.4.9-1.1
Date: Fri, 28 Dec 2012 22:09:27 +0100
tags 696691 + pending
thanks

Hi Steve

I have uploaded the NMU (without delay) versioned as 2.4.9-1.1, as you
gave me the ACK on IRC. Attached the full debdiff for the upload!

Regards,
Salvatore
[freetype-2.4.9-1.1-nmu.diff (text/x-diff, attachment)]
[signature.asc (application/pgp-signature, inline)]

Added tag(s) pending. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Fri, 28 Dec 2012 21:12:05 GMT)


Reply sent to Salvatore Bonaccorso <carnil@debian.org>:
You have taken responsibility. (Fri, 28 Dec 2012 21:18:16 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Fri, 28 Dec 2012 21:18:16 GMT)


Message #24 received at 696691-close@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: 696691-close@bugs.debian.org
Subject: Bug#696691: fixed in freetype 2.4.9-1.1
Date: Fri, 28 Dec 2012 21:17:31 +0000
Source: freetype
Source-Version: 2.4.9-1.1

We believe that the bug you reported is fixed in the latest version of
freetype, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 696691@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated freetype package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 28 Dec 2012 21:32:28 +0100
Source: freetype
Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb
Architecture: source amd64
Version: 2.4.9-1.1
Distribution: unstable
Urgency: high
Maintainer: Steve Langasek <vorlon@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description: 
 freetype2-demos - FreeType 2 demonstration programs
 libfreetype6 - FreeType 2 font engine, shared library files
 libfreetype6-dev - FreeType 2 font engine, development files
 libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb)
Closes: 696691
Changes: 
 freetype (2.4.9-1.1) unstable; urgency=high
 .
   * Non-maintainer upload.
     Upload ACKed by Steve Langasek <vorlon@debian.org> on #debian-devel.
   * Add savannah-bug-37905.patch patch
     [SECURITY] CVE-2012-5668: NULL Pointer Dereference in bdf_free_font.
     (Closes: #696691)
   * Add savannah-bug-37906.patch patch
     [SECURITY] CVE-2012-5669: Out-of-bounds read in _bdf_parse_glyphs.
     (Closes: #696691)
   * Add savannah-bug-37907.patch patch
     [SECURITY] CVE-2012-5670: Out-of-bounds write in _bdf_parse_glyphs.
     (Closes: #696691)
Checksums-Sha1: 
 b7f5583ba9e38ff515a51083d4f2a1e067dca274 2042 freetype_2.4.9-1.1.dsc
 e92c3ce97cecd907fe8b2e474512a2cf88eeb558 38477 freetype_2.4.9-1.1.diff.gz
 acac1459e13b916f3ed47022a306d504c8d9ea95 451498 libfreetype6_2.4.9-1.1_amd64.deb
 6a5dfedf4b9c81950a7ac1ecd89fb8e446f238a5 804940 libfreetype6-dev_2.4.9-1.1_amd64.deb
 c3e4774fd7f51ba173e028aaeb0ffd0fd5785ff3 218226 freetype2-demos_2.4.9-1.1_amd64.deb
 e0270c9d8dee81cf26480989d8a3c8c7641b7da8 272504 libfreetype6-udeb_2.4.9-1.1_amd64.udeb
Checksums-Sha256: 
 81be2061cc96277fdded252bebfcabb8656011882b7743c98b98a070ff925401 2042 freetype_2.4.9-1.1.dsc
 66f03d0d1341ed0faeccc9f38bbfd996aa9099dc8e15e6e6225e979e4309292e 38477 freetype_2.4.9-1.1.diff.gz
 76dafed34b9cdcdab13268c00a514cf8f43740fef1ed6d843978095582a9059b 451498 libfreetype6_2.4.9-1.1_amd64.deb
 f3f3229a31c5721f88b5c29a370580edebc8f1ddbb01c355cf6ecfc837c7a227 804940 libfreetype6-dev_2.4.9-1.1_amd64.deb
 f08dda7bf1bc64f6517bf9fd9921cf7b399de88ab94ca736695d6e8932a99b61 218226 freetype2-demos_2.4.9-1.1_amd64.deb
 6d3d4397a9adb41d540e90dc4ac11f477b5a8aa6bd92f974a0c0818536056c2d 272504 libfreetype6-udeb_2.4.9-1.1_amd64.udeb
Files: 
 bc21967bfbcbaeea6e5eb065253fdf5e 2042 libs optional freetype_2.4.9-1.1.dsc
 e3113bc44a355d27c4a242697542020d 38477 libs optional freetype_2.4.9-1.1.diff.gz
 9de3b390b3bfc1662e6acf16f03c5ecf 451498 libs optional libfreetype6_2.4.9-1.1_amd64.deb
 a19ba5cf3e2c006410d609b66ff399fb 804940 libdevel optional libfreetype6-dev_2.4.9-1.1_amd64.deb
 5a8bf00c21221d58c3c5db8e7bf0b4a3 218226 utils optional freetype2-demos_2.4.9-1.1_amd64.deb
 896ee7eea04f813f5afa9b75fa60d6ab 272504 debian-installer extra libfreetype6-udeb_2.4.9-1.1_amd64.udeb
Package-Type: udeb

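The .changes text above carries SHA-1, SHA-256 and MD5 checksums for every uploaded file. As an added example, not part of this bug log or of the freetype package, the following POSIX shell script checks a directory of downloaded files against Checksums-Sha256 lines (the three embedded here are copied from the message above; the remaining lines have the same shape) and, where dpkg is available, reports whether the installed libfreetype6 predates the fixed 2.4.9-1.1. It assumes GNU coreutils sha256sum; the script name and the directory argument are the reader's choice.

```shell
#!/bin/sh
# Added example, not from the bug log or the freetype package: check a set of
# downloaded freetype 2.4.9-1.1 files against the Checksums-Sha256 lines of the
# .changes message, and (where dpkg exists) tell whether the installed
# libfreetype6 is older than the fixed version. Assumes GNU coreutils sha256sum.

# Three Checksums-Sha256 lines copied from the .changes text in this bug log;
# the remaining lines have the same "<sha256> <size> <filename>" shape.
FREETYPE_SHA256='
81be2061cc96277fdded252bebfcabb8656011882b7743c98b98a070ff925401 2042 freetype_2.4.9-1.1.dsc
66f03d0d1341ed0faeccc9f38bbfd996aa9099dc8e15e6e6225e979e4309292e 38477 freetype_2.4.9-1.1.diff.gz
76dafed34b9cdcdab13268c00a514cf8f43740fef1ed6d843978095582a9059b 451498 libfreetype6_2.4.9-1.1_amd64.deb
'

# verify_checksums DIR LIST
# Returns 0 only if every file named in LIST exists under DIR with both the
# listed size and the listed SHA-256; one line per mismatch goes to stderr.
# Size is checked first so a truncated download is reported as such.
verify_checksums() {
    dir=$1
    list=$2
    rc=0
    while read -r want_sum want_size name; do
        [ -n "$name" ] || continue          # skip blank lines
        path="$dir/$name"
        if [ ! -f "$path" ]; then
            echo "MISSING   $name" >&2
            rc=1
            continue
        fi
        got_size=$(wc -c < "$path" | tr -d ' ')
        if [ "$got_size" != "$want_size" ]; then
            echo "SIZE      $name: got $got_size, want $want_size" >&2
            rc=1
            continue
        fi
        got_sum=$(sha256sum "$path" | cut -d' ' -f1)
        if [ "$got_sum" != "$want_sum" ]; then
            echo "SHA256    $name: got $got_sum, want $want_sum" >&2
            rc=1
        else
            echo "OK        $name"
        fi
    done <<EOF
$list
EOF
    return $rc
}

# needs_update: 0 if the installed libfreetype6 is older than 2.4.9-1.1,
# 1 if it is at or past that version, 2 if dpkg is not available here.
needs_update() {
    command -v dpkg-query >/dev/null 2>&1 || return 2
    installed=$(dpkg-query -W -f '${Version}' libfreetype6 2>/dev/null) || return 2
    dpkg --compare-versions "$installed" lt 2.4.9-1.1
}

# Usage (hypothetical script name): sh check-freetype.sh /dir/with/downloaded/files
if [ $# -ge 1 ]; then
    verify_checksums "$1" "$FREETYPE_SHA256" && echo "all listed files match"
    if needs_update; then
        echo "installed libfreetype6 is older than 2.4.9-1.1"
    fi
fi
```

The checksum loop reads the list through a here-document rather than a pipe so that the failure flag set inside the loop survives to the function's return value; in a piped `while` the loop body runs in a subshell and the flag would be lost. A SHA-256 match only tells you the file is the one the uploader signed; whether that upload is trustworthy still rests on the archive signature chain, which this script does not check.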




Marked as found in versions freetype/2.4.9-1. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Fri, 28 Dec 2012 21:24:03 GMT)


Marked as found in versions freetype/2.4.2-1. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Fri, 28 Dec 2012 21:24:06 GMT)


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 02 Jun 2013 08:28:30 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 14:51:24 2019; Machine Name: buxtehude


Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.