Novell Home

CVE-2009-0946

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

CVE-2009-0946 at MITRE

Details

Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
Novell Bugzilla entries: 485889,496289,541626

SUSE Security Advisories:

Product(s) Fixed package version(s) References
SLES 11 DEBUGINFO
  • freetype2-debuginfo >= 2.3.7-25.9.1
  • freetype2-debugsource >= 2.3.7-25.9.1
 sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
SAT Patch Nr: 792
SLES 11 DEBUGINFO
  • freetype2-debuginfo >= 2.3.7-25.9.1
  • freetype2-debuginfo-x86 >= 2.3.7-25.9.1
  • freetype2-debugsource >= 2.3.7-25.9.1
 sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
SAT Patch Nr: 792
SLES 11 DEBUGINFO
  • freetype2-debuginfo >= 2.3.7-25.9.1
  • freetype2-debuginfo-32bit >= 2.3.7-25.9.1
  • freetype2-debugsource >= 2.3.7-25.9.1
 sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
SAT Patch Nr: 792
SLE 11
  • freetype2-devel >= 2.3.7-25.9.1
 sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
SAT Patch Nr: 792
SLE 11
  • freetype2-devel >= 2.3.7-25.9.1
  • freetype2-devel-32bit >= 2.3.7-25.9.1
 sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
SAT Patch Nr: 792
SLED 11
  • freetype2 >= 2.3.7-25.9.1
  • freetype2-devel >= 2.3.7-25.9.1
 sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
SAT Patch Nr: 792
SLED 11
  • freetype2 >= 2.3.7-25.9.1
  • freetype2-32bit >= 2.3.7-25.9.1
  • freetype2-devel >= 2.3.7-25.9.1
 sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
SAT Patch Nr: 792
SLES 11
  • freetype2 >= 2.3.7-25.9.1
 sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
SAT Patch Nr: 792
SLES 11
  • freetype2 >= 2.3.7-25.9.1
  • freetype2-x86 >= 2.3.7-25.9.1
 sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
SAT Patch Nr: 792
SLES 11
  • freetype2 >= 2.3.7-25.9.1
  • freetype2-32bit >= 2.3.7-25.9.1
 sle11-debuginfo. ia64
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
SAT Patch Nr: 792
openSUSE 10.3
  • freetype2 >= 2.3.5-18.4
  • freetype2-32bit >= 2.3.5-18.4
  • freetype2-64bit >= 2.3.5-18.4
  • freetype2-devel >= 2.3.5-18.4
  • freetype2-devel-32bit >= 2.3.5-18.4
  • freetype2-devel-64bit >= 2.3.5-18.4
 ZYPP Patch Nr: 6185
SAT Patch Nr: 794
openSUSE 11.0
  • freetype2-debuginfo >= 2.3.5-62.5
  • freetype2-debugsource >= 2.3.5-62.5
 ZYPP Patch Nr: 6185
SAT Patch Nr: 794
openSUSE 11.0
  • freetype2 >= 2.3.5-62.5
  • freetype2-32bit >= 2.3.5-62.5
  • freetype2-64bit >= 2.3.5-62.5
  • freetype2-devel >= 2.3.5-62.5
  • freetype2-devel-32bit >= 2.3.5-62.5
  • freetype2-devel-64bit >= 2.3.5-62.5
 ZYPP Patch Nr: 6185
SAT Patch Nr: 794
openSUSE 11.1
  • freetype2-debuginfo >= 2.3.7-24.2.1
  • freetype2-debuginfo-32bit >= 2.3.7-24.2.1
  • freetype2-debuginfo-64bit >= 2.3.7-24.2.1
  • freetype2-debugsource >= 2.3.7-24.2.1
 ZYPP Patch Nr: 6185
SAT Patch Nr: 794
openSUSE 11.1
  • freetype2 >= 2.3.7-24.2.1
  • freetype2-32bit >= 2.3.7-24.2.1
  • freetype2-64bit >= 2.3.7-24.2.1
  • freetype2-devel >= 2.3.7-24.2.1
  • freetype2-devel-32bit >= 2.3.7-24.2.1
  • freetype2-devel-64bit >= 2.3.7-24.2.1
 ZYPP Patch Nr: 6185
SAT Patch Nr: 794
Novell Linux Desktop 9 for x86
Novell Linux POS 9
Open Enterprise Server
SUSE CORE 9 for IBM S/390 31bit
SUSE CORE 9 for x86
  • freetype2 >= 2.1.7-53.21
  • freetype2-devel >= 2.1.7-53.21
 core9. x86
core9. s390
core9. ia64
core9. x86-64
sles9-nlpos. x86
core9. s390x
sles9-oes. x86
sles9-nld. x86-64
core9. ppc
sles9-nld. x86
YOU Patch Nr: 12398
SUSE CORE 9 for Itanium Processor Family
  • freetype2 >= 2.1.7-53.21
  • freetype2-devel >= 2.1.7-53.21
  • freetype2-x86 >= 9-200904162346
 core9. x86
core9. s390
core9. ia64
core9. x86-64
sles9-nlpos. x86
core9. s390x
sles9-oes. x86
sles9-nld. x86-64
core9. ppc
sles9-nld. x86
YOU Patch Nr: 12398
SUSE CORE 9 for IBM POWER
  • freetype2 >= 2.1.7-53.21
  • freetype2-64bit >= 9-200904170054
  • freetype2-devel >= 2.1.7-53.21
  • freetype2-devel-64bit >= 9-200904170054
 core9. x86
core9. s390
core9. ia64
core9. x86-64
sles9-nlpos. x86
core9. s390x
sles9-oes. x86
sles9-nld. x86-64
core9. ppc
sles9-nld. x86
YOU Patch Nr: 12398
SUSE CORE 9 for IBM zSeries 64bit
  • freetype2 >= 2.1.7-53.21
  • freetype2-32bit >= 9-200904170004
  • freetype2-devel >= 2.1.7-53.21
  • freetype2-devel-32bit >= 9-200904170004
 core9. x86
core9. s390
core9. ia64
core9. x86-64
sles9-nlpos. x86
core9. s390x
sles9-oes. x86
sles9-nld. x86-64
core9. ppc
sles9-nld. x86
YOU Patch Nr: 12398
Novell Linux Desktop 9 for x86_64
SUSE CORE 9 for AMD64 and Intel EM64T
  • freetype2 >= 2.1.7-53.21
  • freetype2-32bit >= 9-200904162346
  • freetype2-devel >= 2.1.7-53.21
  • freetype2-devel-32bit >= 9-200904162346
 core9. x86
core9. s390
core9. ia64
core9. x86-64
sles9-nlpos. x86
core9. s390x
sles9-oes. x86
sles9-nld. x86-64
core9. ppc
sles9-nld. x86
YOU Patch Nr: 12398
SUSE Linux Enterprise Desktop 10 SP2 for x86
SUSE Linux Enterprise Server 10 SP2 for x86
  • freetype2 >= 2.1.10-18.20
  • freetype2-devel >= 2.1.10-18.20
 sles10-sp2. ia64
sles10-sp2. ppc
sled10-sp2. x86-64
sles10-sp2. x86-64
sles10-sp2. x86
sled10-sp2. x86
sles10-sp2. s390x
ZYPP Patch Nr: 6181
SUSE Linux Enterprise Server 10 SP2 for IPF
  • freetype2 >= 2.1.10-18.20
  • freetype2-devel >= 2.1.10-18.20
  • freetype2-x86 >= 2.1.10-18.20
 sles10-sp2. ia64
sles10-sp2. ppc
sled10-sp2. x86-64
sles10-sp2. x86-64
sles10-sp2. x86
sled10-sp2. x86
sles10-sp2. s390x
ZYPP Patch Nr: 6181
SUSE Linux Enterprise Server 10 SP2 for IBM POWER
  • freetype2 >= 2.1.10-18.20
  • freetype2-64bit >= 2.1.10-18.20
  • freetype2-devel >= 2.1.10-18.20
  • freetype2-devel-64bit >= 2.1.10-18.20
 sles10-sp2. ia64
sles10-sp2. ppc
sled10-sp2. x86-64
sles10-sp2. x86-64
sles10-sp2. x86
sled10-sp2. x86
sles10-sp2. s390x
ZYPP Patch Nr: 6181
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP2 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP2 for IBM zSeries 64bit
  • freetype2 >= 2.1.10-18.20
  • freetype2-32bit >= 2.1.10-18.20
  • freetype2-devel >= 2.1.10-18.20
  • freetype2-devel-32bit >= 2.1.10-18.20
 sles10-sp2. ia64
sles10-sp2. ppc
sled10-sp2. x86-64
sles10-sp2. x86-64
sles10-sp2. x86
sled10-sp2. x86
sles10-sp2. s390x
ZYPP Patch Nr: 6181

Novell® Making IT Work As One

© 2009 Novell, Inc. All Rights Reserved.